ws-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brown, Keith" <>
Subject RE: SOAP-SECURITY proposal
Date Tue, 05 Sep 2000 23:16:58 GMT
James Snell wrote:
>>Client A sends a message to Server C through untrusted Server B.<<

If it weren't for the SOAPActor attribute that was recently (and some would
argue naively) added to the SOAP spec, we wouldn't be discussing
intermediaries at all.

My point is that we should not be trying to invent new authentication
protocols. As you suggest, let's leverage the work that the dsig guys have
done for integrity, but let's not invent any new cryptographic
authentication protocols. Even providing a standard header for
authentication leads to nasty issues: many authentication protocols depend
on details of the underlying transport (connectionless, etc.) Kerberos, for
instance, works great over raw TCP/IP, but falls down dreadfully when used
on top of a message queueing architecture (at least for end-to-end
authentication), because it relies on the message being sent promptly from
end to end (Kerb clock skews are typically configured to +-5 minutes).

May I humbly suggest that we attempt to get some experience with transport
layer security before we start trying to tackle *much* larger issues like
end-to-end authentication in the face of intermediaries.


View raw message