RE: RFC 2616 (rfc2616) - Hypertext Transfer Protocol -- HTTP/1.1Re: Minutes of the Web Services Addressing / TAG joint meeting

> I want end-to-end security, not hop-by-hop.  I'm not alone. :)

+1

Paul Cotton, Microsoft Canada 
17 Eleanor Drive, Nepean, Ontario K2E 6A3 
Tel: (613) 225-5445 Fax: (425) 936-7329 
mailto:pcotton@microsoft.com

  

> -----Original Message-----
> From: www-tag-request@w3.org [mailto:www-tag-request@w3.org] On Behalf Of
> Rich Salz
> Sent: March 7, 2005 8:18 PM
> To: Rice, Ed (HP.com)
> Cc: public-ws-addressing@w3.org; www-tag@w3.org
> Subject: RE: RFC 2616 (rfc2616) - Hypertext Transfer Protocol --
> HTTP/1.1Re: Minutes of the Web Services Addressing / TAG joint meeting
> 
> 
> > I guess it depends on the content.  Normally when you use a SOAP
> > intermediary you would have your SSL connection with the intermediary if
> > you're concerned about the validity of the content.  That way the
> > intermediary becomes a trusted source (and it in turn would have to have
> > a trust relationship with the up-stream author of the content).
> 
> That strikes me as turning an architectural limitation into a feature.
> If I sign my content, I don't have to trust a SOAP intermediary to do
> anything more than its business.  If that intermediary gets
> compromised, *my* content won't get screwed up.  (Choicepoint, anyone?)
> 
> You don't trust every router that might touch your TCP packets, do you?
> Of course not -- that's why you use SSL.  Why is the SOAP situation
> any different?
> 
> I want end-to-end security, not hop-by-hop.  I'm not alone. :)
>         /r$
> 
> --
> Rich Salz                  Chief Security Architect
> DataPower Technology       http://www.datapower.com
> XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
> 

Received on Tuesday, 8 March 2005 01:33:14 UTC