- From: Mark Nottingham <mnot@mnot.net>
- Date: Mon, 07 May 2001 14:49:47 -0700 (PDT)
- To: Noah_Mendelsohn@lotus.com
- Cc: Henrik Frystyk Nielsen <henrikn@microsoft.com>, marting@develop.com, mnot@mnot.net, xml-dist-app@w3.org
I see the distinction as that between stopping malicious users (which SOAPAction can't do) and the application of policy at the border of the administrative domain (which SOAPAction can help). Firewall administrators are untrusting by nature; they won't depend on downstream SOAP processors to do any checking, on the assumption that they're malicious or poorly implemented.

Quoting Noah_Mendelsohn@lotus.com:

> Henrik Nielsen writes:
>
> >> It is disappointing that people read into
> >> SOAPAction any security mechanism
>
> I thought it was very clearly intended as, in part, a security hint, and
> in that sense a part of a security mechanism. My understanding was that
> the intended operation would be that security filters would reject
> traffic with untrusted SOAPAction headers, but that final checking would
> be done by the actual downstream SOAP processor which has access to the
> more reliable (as opposed to hint) information within the envelope. Are we
> saying the same thing?
>
> ------------------------------------------------------------------------
> Noah Mendelsohn Voice: 1-617-693-4036
> Lotus Development Corp. Fax: 1-617-693-8676
> One Rogers Street
> Cambridge, MA 02142
> ------------------------------------------------------------------------
Received on Monday, 7 May 2001 17:50:09 UTC
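The two-stage arrangement the thread describes, as an added example that is not part of the original message: a border filter that applies an allowlist to the SOAPAction HTTP header without parsing the envelope, and a downstream processor that parses the envelope and checks the Body against what the header claims. The action names, the `urn:example` namespace and the sample requests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP_ENV = "{http://schemas.xmlsoap.org/soap/envelope/}"  # SOAP 1.1 envelope namespace

# Hypothetical border policy: SOAPAction values this administrative domain admits.
ALLOWED_ACTIONS = {"urn:example:GetQuote"}
# Hypothetical contract: the Body child element each admitted action must carry.
ACTION_BODY_ELEMENT = {"urn:example:GetQuote": "{urn:example}GetQuote"}


def soap_action(headers):
    """Extract the SOAPAction value; SOAP 1.1 sends it as a quoted URI."""
    return headers.get("SOAPAction", "").strip().strip('"')


def border_filter(headers):
    """Border policy: a cheap header check that never looks at the envelope."""
    return soap_action(headers) in ALLOWED_ACTIONS


def downstream_check(headers, envelope):
    """Downstream processor: parse the envelope and verify that the first Body
    child is the operation the SOAPAction hint claims."""
    try:
        root = ET.fromstring(envelope)
    except ET.ParseError:
        return False
    body = root.find(SOAP_ENV + "Body")
    if body is None or len(body) == 0:
        return False
    return body[0].tag == ACTION_BODY_ELEMENT.get(soap_action(headers))


def admit(request):
    """Both stages must pass: border policy first, then the envelope check."""
    headers, envelope = request
    return border_filter(headers) and downstream_check(headers, envelope)


# Constructed sample traffic (header dict, envelope body).
ENVELOPE_OPEN = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body>'
ENVELOPE_CLOSE = "</soapenv:Body></soapenv:Envelope>"
HONEST = ({"SOAPAction": '"urn:example:GetQuote"'},
          ENVELOPE_OPEN + '<q:GetQuote xmlns:q="urn:example"><q:Symbol>W3C</q:Symbol></q:GetQuote>' + ENVELOPE_CLOSE)
# Same trusted header, but the Body carries a different operation: the border
# filter admits it, only the downstream envelope check rejects it.
MISMATCHED = ({"SOAPAction": '"urn:example:GetQuote"'},
              ENVELOPE_OPEN + '<q:PlaceOrder xmlns:q="urn:example"/>' + ENVELOPE_CLOSE)
# Header not on the allowlist: stopped at the border without parsing anything.
UNTRUSTED = ({"SOAPAction": '"urn:example:PlaceOrder"'}, MISMATCHED[1])
```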