ws-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Edward Yeboah" <edw...@egsgroup.com>
Subject RE: SOAP security
Date Wed, 09 Jan 2002 14:24:34 GMT
Christian,

Actually, I was referring to the JAVA XML Security API's.

Apologies, I should have made it clearer on the outset.

BTW, Good work on the XML Security Specification.

Edward

> -----Original Message-----
> From: Christian Geuer-Pollmann
> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de]
> Sent: 09 January 2002 12:27
> To: soap-dev@xml.apache.org
> Cc: Edward Yeboah
> Subject: RE: SOAP security
> 
> 
> Currently, we're working an an interface between the xml-axis and 
> xml-security projects.
> 
> What do you mean by "authentication of SOAP services sn under 
> review" ?
> 
> 
> Christian
> 
> --On Mittwoch, 9. Januar 2002 09:32 +0000 Edward Yeboah 
> <edward@egsgroup.com> wrote:
> 
> > Actually, this is an area I am working on.
> >
> > However, our requirement is for permissioning of services 
> to groups of
> > client hosts.
> >
> > SSL simply ensures that the messages cannot be tapped.
> >
> > I believe authentication of SOAP services in under review.
> >
> > Edward
> >
> >> -----Original Message-----
> >> From: Christian Geuer-Pollmann
> >> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de]On Behalf 
> Of Christian
> >> Geuer-Pollmann
> >> Sent: 02 January 2002 15:51
> >> To: soap-dev@xml.apache.org
> >> Subject: RE: SOAP security
> >>
> >>
> >> As always, the answer depends on your security requirements:
> >> What do you
> >> want to 'secure'?
> >>
> >> Confidentiality while 'traveling' through the internet?
> >> Right, SSL is the
> >> correct choice.
> >>
> >> Non-repudiation or authentication or integrity? SSL wont do
> >> that. Use XML
> >> Signature.
> >>
> >> Real end-to-end-confidentiality: Use XML Encryption.
> >>
> >>
> >> For a full-blown XML Signature implementation look @
> >> http://xml.apache.org/security/
> >>
> >> Christian
> >>
> >> --On Mittwoch, 2. Januar 2002 08:03 -0700
> >> armstpat@WellsFargo.COM wrote:
> >>
> >> > Just use SSL and it is good.
> >> >
> >> > -----Original Message-----
> >> > From: lp_cm@hotmail.com [mailto:lp_cm@hotmail.com]
> >> >
> >> > I wonder the security of the SOAP on the Internet.
> >>
> 
> 
> 
> 
> 

Mime
View raw message