- From: <Noah_Mendelsohn@lotus.com>
- Date: Mon, 7 May 2001 16:57:38 -0400
- To: "Henrik Frystyk Nielsen" <henrikn@microsoft.com>
- Cc: marting@develop.com, mnot@mnot.net, xml-dist-app@w3.org
Henrik Nielsen writes: >> It is disappointing that people read into >> SOAPAction any security mechanism I thought it was very clearly intended as, in part, a security hint, and in that sense a part of a security mechanism. My understanding was that the intended operation would be that security filters would reject traffic with untrusted SOAPAction headers, but that final checking would be done by the actual downstream SOAP processor which has access to the more reliable (as opposed to hint) information within the envelope. Are we saying the same thing? ------------------------------------------------------------------------ Noah Mendelsohn Voice: 1-617-693-4036 Lotus Development Corp. Fax: 1-617-693-8676 One Rogers Street Cambridge, MA 02142 ------------------------------------------------------------------------
Received on Monday, 7 May 2001 17:02:21 UTC