- From: Andrew Layman <andrewl@microsoft.com>
- Date: Mon, 22 May 2000 15:29:38 -0700
- To: "'Michael.Condry@eng.sun.com'" <Michael.Condry@eng.sun.com>, xml-dist-app@w3.org
What exactly did IBM demonstrate? Why is this a hole in SOAP? Thanks.

-----Original Message-----
From: Michael Condry [mailto:Michael.Condry@eng.sun.com]
Sent: Wednesday, May 17, 2000 6:31 PM
To: Constantine Plotnikov; xml-dist-app@w3.org
Subject: Re: XML protocol security

Not clear if you are using it this way. SSL will not fix this. IBM showed a great example of SOAP holes at the W3C conference (WWW9) today.

>I think that security is out of scope of the XML RPC layer.
>It is a layer on top of it, like SSL is a layer above
>TCP or other stream protocols.
>
>Because such layers were not fixed yet, I think that we are
>in a unique situation that can allow us to promote other security
>models. I found capability-based security a very interesting
>model. It is quite unlike the ACL model and I think that it suits
>the web more because it will work better in a decentralized web.
>More information is available at:
>
>http://www.skyhunter.com/marcs/capabilityIntro/index.html
>http://www.caplet.com/security/taxonomy/index.html
>
>Basically I think that there should be the following logical
>layers:
>1. (Secure) Transport Layer (examples: TCP+SSL, https, ...)
>2. Messaging layer (XML-RPC)
>3. Secure Distributed Object Model
>
>The difficulty with ACLs is that they make proofs in layer 3
>quite difficult. The sandbox model is a variant of it.
>
>The difficulty with capability-based security is that this
>model does not have ready-to-use simple paradigms of
>administration. At least I have not found them. I have some
>ideas but have not yet tested them. Capability-based security
>is a very natural model for mediating services.
>
>Constantine
Received on Monday, 22 May 2000 18:30:18 UTC
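The quoted message contrasts ACL-based and capability-based mediation of a layer-3 service reached through a messaging layer. The following is an added illustration written for this archive page, not code from the thread or from any project named in it; the ledger service, the right names ("read", "deposit"), the token format and the sample requests are all constructed for the example. It shows the point Constantine makes: with an ACL the service's decision rests on a claimed principal and a central table, whereas a capability is an unguessable reference that carries its own rights, can be attenuated before delegation, and can be revoked, with no identity lookup at all.

```python
"""Capability-based mediation versus an ACL check for a message-based service.

Added example for the thread above, not code from the original message.
The Ledger service, the rights names and the sample requests are constructed.
"""
from __future__ import annotations

import secrets


class Ledger:
    """A layer-3 service: balances reachable only through a mediator."""

    def __init__(self) -> None:
        self._balances = {"alice": 100, "bob": 50}

    def read(self, account: str) -> int:
        return self._balances[account]

    def deposit(self, account: str, amount: int) -> int:
        self._balances[account] += amount
        return self._balances[account]


# ---- ACL model: the request names a principal; the mediator consults a table ----
ACL = {"alice": {"read", "deposit"}, "auditor": {"read"}}


def acl_dispatch(ledger: Ledger, request: dict) -> int:
    """Authorise by looking up the claimed principal in a central table.

    Whether the 'principal' field can be trusted is decided in layers 1-2
    (transport authentication); the service itself has no way to tell.
    """
    allowed = ACL.get(request["principal"], set())
    if request["op"] not in allowed:
        raise PermissionError(f"{request['principal']} may not {request['op']}")
    if request["op"] == "read":
        return ledger.read(request["account"])
    return ledger.deposit(request["account"], request["amount"])


# ---- Capability model: the request carries an unguessable token that is the right ----
class CapabilityMediator:
    """Maps bearer tokens to (target, rights); no principal table, no identity."""

    def __init__(self) -> None:
        self._table: dict[str, tuple[object, frozenset[str]]] = {}

    def grant(self, target: object, rights: set[str]) -> str:
        """Mint a fresh capability; only code already holding `target` can do this."""
        token = secrets.token_urlsafe(24)  # unguessable, so it cannot be forged
        self._table[token] = (target, frozenset(rights))
        return token

    def attenuate(self, token: str, keep: set[str]) -> str:
        """Derive a weaker capability from one you hold; rights can only shrink."""
        target, rights = self._lookup(token)
        return self.grant(target, rights & keep)

    def revoke(self, token: str) -> None:
        self._table.pop(token, None)

    def _lookup(self, token: str) -> tuple[object, frozenset[str]]:
        try:
            return self._table[token]
        except KeyError:
            raise PermissionError("unknown capability") from None

    def invoke(self, request: dict) -> int:
        """Dispatch a message whose entire authority is the token it carries."""
        target, rights = self._lookup(request["cap"])
        if request["op"] not in rights:
            raise PermissionError(f"capability lacks {request['op']}")
        if request["op"] == "read":
            return target.read(request["account"])
        return target.deposit(request["account"], request["amount"])


def _outcome(mediator: CapabilityMediator, request: dict) -> str:
    try:
        mediator.invoke(request)
        return "allowed"
    except PermissionError:
        return "denied"


def demo() -> dict:
    """Run constructed requests through both mediators and collect the outcomes."""
    ledger = Ledger()
    out = {}
    # ACL: the service acts on whatever principal the message claims.
    out["acl_claimed_alice"] = acl_dispatch(
        ledger, {"principal": "alice", "op": "deposit", "account": "bob", "amount": 5})

    med = CapabilityMediator()
    full = med.grant(ledger, {"read", "deposit"})   # held by the ledger's owner
    read_only = med.attenuate(full, {"read"})        # handed to an auditor
    out["auditor_read"] = med.invoke({"cap": read_only, "op": "read", "account": "bob"})
    out["auditor_deposit"] = _outcome(
        med, {"cap": read_only, "op": "deposit", "account": "bob", "amount": 5})
    out["forged"] = _outcome(med, {"cap": "guessed-token", "op": "read", "account": "alice"})
    med.revoke(read_only)
    out["after_revoke"] = _outcome(med, {"cap": read_only, "op": "read", "account": "bob"})
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `CapabilityMediator` is the "mediating service" of the quoted text: the proof that a request is authorised reduces to "the token is in the table and its right set contains the operation", which is why reasoning about layer 3 is simpler than with an ACL that also has to reason about who the caller is. The administration problem Constantine mentions is visible too: nothing in the table says who holds a token, so auditing or inventorying granted authority needs bookkeeping that this sketch does not provide.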