Re: SOAP-RPC and REST and security

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: Dare Obasanjo <dareo@m...>
Subject: Re: SOAP-RPC and REST and security
From: Francis Norton <francis@r...>
Date: Thu, 21 Feb 2002 10:56:36 +0000
Cc: zkenyon@s..., xml-dev@l...
References: <8BD7226E07DDFF49AF5EF4030ACE0B7E05573B50@r...>
Reply-to: francis@r...
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2

Dare Obasanjo wrote:

> 
> It's one thing to be against clients remotely executing code on a server
> and another to scapegoat SOAP in an ill-conceived attempt to garner
> negative press towards a misunderstood technology. 
> 
> After all, buffer overflows are possible in all web applications written
> in unsafe languages. Whether they use SOAP or not is inconsequential. 
> 

I would suggest that one of the security advantages of Web Services is that you can specify the lengths and types of all fields using XML Schema, and that you use a robust third-party component to parse and validate the actual data.

Francis.

Follow-Ups:
- Re: SOAP-RPC and REST and security
  - From: Paul Prescod <paul@p...>

References:
- RE: SOAP-RPC and REST and security
  - From: "Dare Obasanjo" <dareo@m...>

Prev by Date: Re: Traditional RPC
Next by Date: Re: Re: [namespaceDocument-8] 14 Theses
Previous by thread: RE: SOAP-RPC and REST and security
Next by thread: Re: SOAP-RPC and REST and security
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >