OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dsml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [dsml] Draft 10/16

Thanks Christine.

Couple issues I have. Section 6.0  SOAP Request/Response Binding.

1) SOAP headers SHOULD not be sent in requests and MUST be ignored by
the
recipient except in the case of a MustUnderstand. 

I'd like to know the reason for this approach. Today, it's reasonable to
say that the SOAP Headers may not be too useful for DSMLv2 purposes. In
fact, I agree, at this point we should not define any DSML SOAP-Header
specifics, but we should not discourage SOAP implementer to understand
and implement SOAP Headers (especially when they become standard). As
SOAP evolves (SOAP-RP, SOAP-Sec, etc), the SOAP headers will be used
intensively. 

Unless we will design DSML-SOAP Header specifics, in my view, we should
not put any guideline in regard to SOAP Header. 



2) Authentication in this binding is dependent on the transport that is
used with SOAP. In particular, when using HTTP 1.1 the authentication
information is transferred in accordance with RFC 2617 which covers
Basic and Digest forms. It is recommended that TLS 1.0 (RFC 2246) be
used in particular with the Basic form of authentication.

>> This approach is very reasonable. But again, I have a similar
concern.  SOAP today does not define authentication mechanism, but
should we define a guideline for this? Yes, I saw a few people implement
SOAP authentication over HTTP using the approach described above,
because SOAP does not define one. Each vendor should be free to
implement it this way too, but my point is we should not prescribe it.
Let the SOAP working groups define the authentication mechanism, but not
us. 


Thanks. 
Andy.





-----Original Message-----
From: Christine Tomlinson [mailto:chris.tomlinson@sun.com] 
Sent: Tuesday, October 16, 2001 1:34 PM
To: DSML version 2
Subject: [dsml] Draft 10/16

0) changed draft date
1) fixed spelling of Proxy Authorization and LDAPResultCode
2) moved requestID to attribute on BatchRequest and BatchResponse
3) added requestID attribute to SearchResponse
4) corrected batchResponse to batchRequest in section 5.2 Modify example
of request
5) deleted Jeff's comments from section 7. File Binding
6) capitalized MUST/MAY etc in 8. Extensibility Guidelines
7) added Jon McGarvey's fix for responseOrder to schema and added his
text to section 4. Top Level just prior to sub section Syntax Errors.
8) added statement that MUST et al are interpreted as in RFC 2119.

To do:
1) bibliography and alignment of references
2) capitalize all MUSTs etc as needed.

ciao,
Christine

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC