Currently, we're working an an interface between the xml-axis and xml-security projects.
What do you mean by "authentication of SOAP services sn under review" ? Christian --On Mittwoch, 9. Januar 2002 09:32 +0000 Edward Yeboah <[EMAIL PROTECTED]> wrote: > Actually, this is an area I am working on. > > However, our requirement is for permissioning of services to groups of > client hosts. > > SSL simply ensures that the messages cannot be tapped. > > I believe authentication of SOAP services in under review. > > Edward > >> -----Original Message----- >> From: Christian Geuer-Pollmann >> [mailto:[EMAIL PROTECTED]]On Behalf Of Christian >> Geuer-Pollmann >> Sent: 02 January 2002 15:51 >> To: [EMAIL PROTECTED] >> Subject: RE: SOAP security >> >> >> As always, the answer depends on your security requirements: >> What do you >> want to 'secure'? >> >> Confidentiality while 'traveling' through the internet? >> Right, SSL is the >> correct choice. >> >> Non-repudiation or authentication or integrity? SSL wont do >> that. Use XML >> Signature. >> >> Real end-to-end-confidentiality: Use XML Encryption. >> >> >> For a full-blown XML Signature implementation look @ >> http://xml.apache.org/security/ >> >> Christian >> >> --On Mittwoch, 2. Januar 2002 08:03 -0700 >> [EMAIL PROTECTED] wrote: >> >> > Just use SSL and it is good. >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >> > >> > I wonder the security of the SOAP on the Internet. >>
