Re: Henrik's media type comments

> I agree with this direction but I think it may be better to put these
> considerations in places where SOAP is actually bound to underlying
> protocols, preferably in the security considerations of those bindings.
> Given that the media type doesn't really talk about the application
> semantics, it makes it hard to relate to without a lot of background
> knowledge.

I concur with Henrik here; that section has always struck me as sticking
out, and potentially confusing.

> >> The presence and content of the SOAPAction header field MAY be used
> >> servers such as firewalls to appropriately filter SOAP HTTP request
> >> messages and it may be used by servers to facilitate dispatching of
> >> messages to internal message handlers etc. It SHOULD NOT be used as
> >> insecure form of access authorization."

I haven't kept current with the twisted state of SOAPAction, but I can't
find reference to it in Adjuncts (except an indirect reference to
"parameters" in the media type registration), and the change notes
indicate it's been removed to the I-D. There seems to be a missing link
here; does SOAPAction need to be exposed as a property?

> * Shouldn't there be normal IETF header/footer stuff with page number
> etc.?
> * A ToC would also be nice
> * I think normally the expiration time is stated in the left-upper
> corner as part of the front page header rather than in the status
> section.

Mark - I thought you were using xml2rfc to generate these?

> * I would consider deleting the last sentence in the first paragraph in
> section 1. I think it is going a bit too deep and I think the second
> paragraph follows more naturally without that sentence.


Mark, if you still wish to share the blame for this with me, please use
the following details -

<author initials="M." surname="Nottingham" fullname="Mark Nottingham">
  <organization>BEA Systems</organization>
      <street>Level 15, 235 Montgomery Street</street>
      <city>San Francisco</city>

Received on Thursday, 20 June 2002 14:02:03 UTC