ws-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William Brogden" <wbrog...@bga.com>
Subject RE: SOAP security
Date Wed, 09 Jan 2002 14:43:59 GMT
SOAP security is just one of the areas that Microsoft has
made suggestions for:
 http://msdn.microsoft.com/ws/2001/10/Routing/
 http://msdn.microsoft.com/ws/2001/10/Referral/
 http://msdn.microsoft.com/ws/2001/10/Security/
 http://msdn.microsoft.com/ws/2001/10/License/
 

> -----Original Message-----
> From: Christian Geuer-Pollmann 
> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de] 
> Sent: Wednesday, January 09, 2002 6:27 AM
> To: soap-dev@xml.apache.org
> Cc: Edward Yeboah
> Subject: RE: SOAP security
> 
> 
> Currently, we're working an an interface between the xml-axis and 
> xml-security projects.
> 
> What do you mean by "authentication of SOAP services sn under 
> review" ?
> 
> 
> Christian
> 
> --On Mittwoch, 9. Januar 2002 09:32 +0000 Edward Yeboah 
> <edward@egsgroup.com> wrote:
> 
> > Actually, this is an area I am working on.
> >
> > However, our requirement is for permissioning of services 
> to groups of
> > client hosts.
> >
> > SSL simply ensures that the messages cannot be tapped.
> >
> > I believe authentication of SOAP services in under review.
> >
> > Edward
> >
> >> -----Original Message-----
> >> From: Christian Geuer-Pollmann
> >> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de]On Behalf 
> Of Christian
> >> Geuer-Pollmann
> >> Sent: 02 January 2002 15:51
> >> To: soap-dev@xml.apache.org
> >> Subject: RE: SOAP security
> >>
> >>
> >> As always, the answer depends on your security requirements:
> >> What do you
> >> want to 'secure'?
> >>
> >> Confidentiality while 'traveling' through the internet?
> >> Right, SSL is the
> >> correct choice.
> >>
> >> Non-repudiation or authentication or integrity? SSL wont do
> >> that. Use XML
> >> Signature.
> >>
> >> Real end-to-end-confidentiality: Use XML Encryption.
> >>
> >>
> >> For a full-blown XML Signature implementation look @
> >> http://xml.apache.org/security/
> >>
> >> Christian
> >>
> >> --On Mittwoch, 2. Januar 2002 08:03 -0700
> >> armstpat@WellsFargo.COM wrote:
> >>
> >> > Just use SSL and it is good.
> >> >
> >> > -----Original Message-----
> >> > From: lp_cm@hotmail.com [mailto:lp_cm@hotmail.com]
> >> >
> >> > I wonder the security of the SOAP on the Internet.
> >>
> 
> 
> 
> 
> 



Mime
View raw message