- From: <noah_mendelsohn@us.ibm.com>
- Date: Fri, 6 Oct 2006 23:05:26 -0400
- To: "Rice, Ed (ProCurve)" <ed.rice@hp.com>
- Cc: "Paul Cotton" <Paul.Cotton@microsoft.com>, Vincent.Quint@inrialpes.fr, www-tag@w3.org, www-tag-request@w3.org
Ed Rice writes: > I had assumed that since SOAP uses HTTP and HTTPS that the > relationship was implied. I hope it's clear that Web Services only sometimes uses SOAP + HTTPS as its security mechanism. HTTPS is fine, if used carefully, for the one hop connection-level security that it provides. I think Paul is pointing out that Web Services Security provides complementary mechanisms that secure messages at a higher level, and that perhaps these should be considered for at least a brief mention as a point of comparison. Noah -------------------------------------- Noah Mendelsohn IBM Corporation One Rogers Street Cambridge, MA 02142 1-617-693-4036 --------------------------------------
Received on Saturday, 7 October 2006 03:05:45 UTC