 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
83 messages in org.w3.www-tagRE: FW: draft findings on Unsafe Meth...| From | Sent On | Attachments |
|---|---|---|
| Dan Connolly | Apr 15, 2002 8:50 am | |
| Larry Masinter | Apr 15, 2002 1:44 pm | |
| David Orchard | Apr 15, 2002 3:01 pm | |
| David Orchard | Apr 15, 2002 3:19 pm | |
| Mark Baker | Apr 15, 2002 8:00 pm | |
| Keith Moore | Apr 15, 2002 8:37 pm | |
| Scott Cantor | Apr 15, 2002 9:28 pm | |
| Edwin Khodabakchian | Apr 15, 2002 9:34 pm | |
| David Orchard | Apr 15, 2002 10:18 pm | |
| Paul Prescod | Apr 15, 2002 11:17 pm | |
| Tim Bray | Apr 15, 2002 11:32 pm | |
| Mark Nottingham | Apr 16, 2002 1:01 am | |
| Tim Bray | Apr 16, 2002 1:02 am | |
| Mark Nottingham | Apr 16, 2002 1:09 am | |
| Paul Prescod | Apr 16, 2002 2:11 am | |
| Paul Prescod | Apr 16, 2002 3:02 am | |
| Mark Baker | Apr 16, 2002 4:54 am | |
| Williams, Stuart | Apr 16, 2002 8:22 am | |
| Keith Moore | Apr 16, 2002 8:32 am | |
| jon...@research.att.com | Apr 16, 2002 8:44 am | |
| Scott Cantor | Apr 16, 2002 8:55 am | |
| Paul Prescod | Apr 16, 2002 9:40 am | |
| Mark Nottingham | Apr 16, 2002 9:42 am | |
| Hutchison, Nigel | Apr 16, 2002 9:43 am | |
| Henrik Frystyk Nielsen | Apr 16, 2002 10:48 am | |
| Bullard, Claude L (Len) | Apr 16, 2002 1:46 pm | |
| Larry Masinter | Apr 16, 2002 6:39 pm | |
| Roy T. Fielding | Apr 16, 2002 7:54 pm | |
| Larry Masinter | Apr 16, 2002 10:10 pm | |
| Graham Klyne | Apr 17, 2002 1:54 am | |
| Paul Prescod | Apr 18, 2002 12:33 am | |
| Graham Klyne | Apr 18, 2002 9:11 am | |
| Alex Rousskov | Apr 18, 2002 9:30 am | |
| Paul Prescod | Apr 18, 2002 9:45 am | |
| Graham Klyne | Apr 18, 2002 11:58 am | |
| Roy T. Fielding | Apr 18, 2002 3:11 pm | |
| Don Box | Apr 18, 2002 6:28 pm | |
| Mark Baker | Apr 18, 2002 8:50 pm | |
| Keith Moore | Apr 18, 2002 8:54 pm | |
| Paul Prescod | Apr 18, 2002 10:00 pm | |
| Graham Klyne | Apr 19, 2002 12:53 am | |
| Bill de hÓra | Apr 19, 2002 4:18 am | |
| Roy T. Fielding | Apr 19, 2002 1:20 pm | |
| Anne Thomas Manes | Apr 22, 2002 3:23 pm | |
| Paul Prescod | Apr 22, 2002 4:01 pm | |
| Anne Thomas Manes | Apr 22, 2002 8:17 pm | |
| Paul Prescod | Apr 22, 2002 10:21 pm | |
| Anne Thomas Manes | Apr 23, 2002 5:36 am | |
| Paul Prescod | Apr 23, 2002 12:03 pm | |
| Paul Prescod | Apr 23, 2002 2:09 pm | |
| Roy T. Fielding | Apr 23, 2002 2:14 pm | |
| Bullard, Claude L (Len) | Apr 23, 2002 2:50 pm | |
| Joshua Allen | Apr 23, 2002 2:53 pm | |
| David Orchard | Apr 23, 2002 4:14 pm | |
| Keith Moore | Apr 23, 2002 5:05 pm | |
| Roy T. Fielding | Apr 23, 2002 5:14 pm | |
| Simon St.Laurent | Apr 23, 2002 5:18 pm | |
| Larry Masinter | Apr 23, 2002 6:31 pm | |
| Mark Baker | Apr 23, 2002 6:36 pm | |
| Paul Prescod | Apr 23, 2002 8:03 pm | |
| Tim Bray | Apr 23, 2002 8:30 pm | |
| Dan Connolly | Apr 23, 2002 9:05 pm | |
| Joshua Allen | Apr 23, 2002 9:10 pm | |
| Anne Thomas Manes | Apr 23, 2002 9:28 pm | |
| Mark Nottingham | Apr 23, 2002 9:42 pm | |
| Jeff Bone | Apr 23, 2002 9:42 pm | |
| Joshua Allen | Apr 23, 2002 10:02 pm | |
| Paul Prescod | Apr 23, 2002 10:05 pm | |
| Joshua Allen | Apr 23, 2002 10:27 pm | |
| Joshua Allen | Apr 23, 2002 10:38 pm | |
| Mark Nottingham | Apr 23, 2002 10:57 pm | |
| Mark Nottingham | Apr 23, 2002 11:16 pm | |
| Joshua Allen | Apr 23, 2002 11:20 pm | |
| Dan Connolly | Apr 23, 2002 11:23 pm | |
| Tim Bray | Apr 23, 2002 11:56 pm | |
| Bullard, Claude L (Len) | Apr 24, 2002 7:23 am | |
| Larry Masinter | Apr 24, 2002 8:47 am | |
| Keith Moore | Apr 24, 2002 10:46 am | |
| Bullard, Claude L (Len) | Apr 24, 2002 10:56 am | |
| Aaron Swartz | Apr 24, 2002 11:27 am | |
| Mike Dierken | Apr 24, 2002 12:06 pm | |
| David Orchard | Apr 25, 2002 10:54 am | |
| Roy T. Fielding | May 5, 2002 3:38 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | RE: FW: draft findings on Unsafe Methods (whenToUseGet-7) | Actions... |
|---|---|---|
| From: | Bullard, Claude L (Len) (clbu...@ingr.com) | |
| Date: | Apr 24, 2002 10:56:10 am | |
| List: | org.w3.www-tag | |
That is a possible approach. Also, I think encouraging a clear distinction is the right thing to do simply from an engineering documentation perspective if no other in order to clarify what is and is not and can and cannot be warrantied.
When this topic originally came up on XML-Dev, I responded with the following suggestions:
1. Training before development of web services. 2. Inspection prior to deployment of web services. 3. Security testing suites. 4. Properly constructed contracts for web services that include security provisions and remediation clauses.
This does not address issues before the TAG at this time, but it may be good advice at this time to those who want to work with SOAP and need to do the right things to do that. At the very least, vendors of SOAP products must understand clearly their responsibilities to their customers.
How hard will it be for a proxy listening for SOAP messages to inspect them to ensure they are appropriate? Is authentication of source of request sufficient? I understand the requests to minimize traffic here. If this is an improper question for this list, and there are responses, perhaps this is best answered on XML-Dev.
len
-----Original Message----- From: Keith Moore [mailto:moo...@cs.utk.edu]
A system that does not correspond to an architecture operates outside that architectural scope and that may be all that needs to be said.
that, and the system may not interoperate well with things that were designed to be compatible with the architecture...and to minimize confusion it may be desirable to encourage a visible distinction between the two.
for example, if if is the case that SOAP breaks assumptions made by things that listen on port 80, perhaps it's better if people are encouraged to run SOAP on another port. that way, SOAP-aware things need not fight with HTTP-aware things.