SOAP security is just one of the areas that Microsoft has made suggestions for: http://msdn.microsoft.com/ws/2001/10/Routing/ http://msdn.microsoft.com/ws/2001/10/Referral/ http://msdn.microsoft.com/ws/2001/10/Security/ http://msdn.microsoft.com/ws/2001/10/License/
> -----Original Message----- > From: Christian Geuer-Pollmann > [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 09, 2002 6:27 AM > To: [EMAIL PROTECTED] > Cc: Edward Yeboah > Subject: RE: SOAP security > > > Currently, we're working an an interface between the xml-axis and > xml-security projects. > > What do you mean by "authentication of SOAP services sn under > review" ? > > > Christian > > --On Mittwoch, 9. Januar 2002 09:32 +0000 Edward Yeboah > <[EMAIL PROTECTED]> wrote: > > > Actually, this is an area I am working on. > > > > However, our requirement is for permissioning of services > to groups of > > client hosts. > > > > SSL simply ensures that the messages cannot be tapped. > > > > I believe authentication of SOAP services in under review. > > > > Edward > > > >> -----Original Message----- > >> From: Christian Geuer-Pollmann > >> [mailto:[EMAIL PROTECTED]]On Behalf > Of Christian > >> Geuer-Pollmann > >> Sent: 02 January 2002 15:51 > >> To: [EMAIL PROTECTED] > >> Subject: RE: SOAP security > >> > >> > >> As always, the answer depends on your security requirements: > >> What do you > >> want to 'secure'? > >> > >> Confidentiality while 'traveling' through the internet? > >> Right, SSL is the > >> correct choice. > >> > >> Non-repudiation or authentication or integrity? SSL wont do > >> that. Use XML > >> Signature. > >> > >> Real end-to-end-confidentiality: Use XML Encryption. > >> > >> > >> For a full-blown XML Signature implementation look @ > >> http://xml.apache.org/security/ > >> > >> Christian > >> > >> --On Mittwoch, 2. Januar 2002 08:03 -0700 > >> [EMAIL PROTECTED] wrote: > >> > >> > Just use SSL and it is good. > >> > > >> > -----Original Message----- > >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > >> > > >> > I wonder the security of the SOAP on the Internet. > >> > > > > >
