RE: Web RPCs Considered Harmful

Michael Condry of Sun, discussing use of XML to convey information, wrote
"Yes, but I do not see any SandBOX model here. Do we wait until the customer
crys...." (sic).

Several people have written here that they would like to see some standards
developed for representing digital signatures, encryption and similar
information within XML.  Those are good suggestions, and there is already
work underway at the W3C in this area.  (See XML DSIG for example.)  But Mr.
Condry's statement goes past wire formats and protocols of messages and
implies that clients should lock themselves to certain details of server

By constrast, many of the processing models under discussion in the context
of XML have separated the transmission of information from the particular
implementation used for its processing.  In other words, the format of a
message does not lock-in the reader to use a certain language, platform or
security mechanism. XML processors can be written in any language, on any
platform. In a like way, they can use any security mechanism.  

Received on Wednesday, 17 May 2000 18:45:39 UTC