On Monday, July 09, 2001 @9:12 PM Randy Bush wrote:
>>> I would add one clarification. SOAP encompasses much
>>> broader scope that iCAP. SOAP is a whole architecture for messaging;
>> *architecture*?
>> it's a simple, lightweight instance of XML use along with a bunch of
>> kludged http headers.
>
>hey, don't knock it. where else can you get remote procedure call,
>intermediate proxies which can remove and add message/command content,
>and not one whiff of authentication or authorization to pollute it
>with silly security ideas?
>
>can you say loaded fusion bomb?
Agree on the lack of authentication and authorization issues, these are 2
items OPES is proposing to address. Several of us have long believed that
with
an OPES framework, multiple existing remote procedure call protocols
including
iCAP and SOAP can be added to an authenticated and authorized intermediate
proxy model. By applying AAA in the form of an Admin Server, where
authorization is classically a policy model with PRC modules and the like
and
authentication is capable of using protocols such as SSL, we have the
opportunity to disarm the bomb.
Several of us have been preparing drafts for discussion that begin to
address
these issues.
Gary
