- From: Williams, Stuart <skw@hplb.hpl.hp.com>
- Date: Tue, 8 Jan 2002 10:33:06 -0000
- To: "'Henrik Frystyk Nielsen'" <henrikn@microsoft.com>
- Cc: xml-dist-app@w3.org
Henrik, I wasn't aware that we had commissioned a security section specific to HTTP - not saying that that would be bad, just wasn't conscious that we had pick up an action specific to HTTP. Part 1 section 5 contains an empty security section [4] and it also contains some discussion about default ports binding to application-specific protocols [5]. I don't think we have lost any (content-ful) material on this topic from the current WDs. Stuart [4] http://www.w3.org/TR/2001/WD-soap12-part1-20011217/#NAF1 [5] http://www.w3.org/TR/2001/WD-soap12-part1-20011217/#NAE2 > -----Original Message----- > From: Henrik Frystyk Nielsen [mailto:henrikn@microsoft.com] > Sent: 07 January 2002 17:25 > To: Mark Baker > Cc: Krishna Sankar; xml-dist-app@w3.org > Subject: RE: SOAP port number > > > > IIRC, we decided [3] to keep the port and have a security > section in the > HTTP binding section warning about the dangers of using SOAP over HTTP > in general and in particular about the port issue. > > One reason being that registering for another port has a whole slew of > other problems associated with it that causes a lot of complexity and > little gain. Should we register secondary ports for SMTP and any other > protocol that can also carry SOAP? > > Hmm, the HTTP security section [1] (which still has to be > written) seems > to have fallen out of the latest draft [2]. > > Henrik > > [1] http://www.w3.org/TR/2001/WD-soap12-part2-20011002/#soapsec > [2] http://www.w3.org/TR/2001/WD-soap12-part2-20011217/ > [3] http://www.w3.org/2000/xp/Group/1/09/f2f-minutes.html > > >Nothing's changed, but we haven't yet addressed it for the > >default HTTP binding, only for the binding framework. >
Received on Tuesday, 8 January 2002 05:33:46 UTC