Re: Draft registration of application/soap+xml

> Please explain.  I've been involved in the security area for a while, and
> I just don't understand your point.  Aren't signed/encrypted SOAP
> messages over HTTP the exact same thing as SMIME over SMTP?

Yes, it probably is, but that's not what I was referring to when I
referred to the security model provided by the application protocol.
In fact, "security model" is a really bad term and I'll aim to fix
that.  MarkN pointed it out to me, but I forgot.

What I'm talking about in that section is that the application semantics
themselves provide safety guarantees by providing a fixed interface
which limits the type of things that can be done through the interface.

SMTP, for example, provides an interface with very limited application
semantics that (for the purposes of this email) only facilitates the
sending of email.  It can't be used to do other things, such as to
retrieve files, unless somebody explicitly installs software that does
that and has a convention for placing those retrieval commands inside an
email message, header, or address.  That is tunneling, and the fact that
SMTP doesn't include those features by default is why it is trusted and
well deployed.  The fixed interface is secure, because software
implementing it only does what it's designed to do and nothing more.

This is the case for all application protocols, including HTTP.  Using
POST to send data that's supposed to mean something other than POST to
the recipient is tunneling.

> > That's an interesting point, but the processing model doesn't specify
> > how to route, only how to target.
> 
> A recipient receiving a message with an encrypted actor and/or 
> mustUnderstand cannot properly send a SOAP "actor" fault back, since 
> (obviously) it doesn't know who the actor was. :)  I believe this 
> impacts the processing model.

Good point.  I'll add something about that.

MB
-- 
Mark Baker, Chief Science Officer, Planetfred, Inc.
Ottawa, Ontario, CANADA.      mbaker@planetfred.com
http://www.markbaker.ca   http://www.planetfred.com

Received on Friday, 4 January 2002 15:54:23 UTC