[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [dsml] Draft 10/16
Thanks Christine. Couple issues I have. Section 6.0 SOAP Request/Response Binding. 1) SOAP headers SHOULD not be sent in requests and MUST be ignored by the recipient except in the case of a MustUnderstand. I'd like to know the reason for this approach. Today, it's reasonable to say that the SOAP Headers may not be too useful for DSMLv2 purposes. In fact, I agree, at this point we should not define any DSML SOAP-Header specifics, but we should not discourage SOAP implementer to understand and implement SOAP Headers (especially when they become standard). As SOAP evolves (SOAP-RP, SOAP-Sec, etc), the SOAP headers will be used intensively. Unless we will design DSML-SOAP Header specifics, in my view, we should not put any guideline in regard to SOAP Header. 2) Authentication in this binding is dependent on the transport that is used with SOAP. In particular, when using HTTP 1.1 the authentication information is transferred in accordance with RFC 2617 which covers Basic and Digest forms. It is recommended that TLS 1.0 (RFC 2246) be used in particular with the Basic form of authentication. >> This approach is very reasonable. But again, I have a similar concern. SOAP today does not define authentication mechanism, but should we define a guideline for this? Yes, I saw a few people implement SOAP authentication over HTTP using the approach described above, because SOAP does not define one. Each vendor should be free to implement it this way too, but my point is we should not prescribe it. Let the SOAP working groups define the authentication mechanism, but not us. Thanks. Andy. -----Original Message----- From: Christine Tomlinson [mailto:chris.tomlinson@sun.com] Sent: Tuesday, October 16, 2001 1:34 PM To: DSML version 2 Subject: [dsml] Draft 10/16 0) changed draft date 1) fixed spelling of Proxy Authorization and LDAPResultCode 2) moved requestID to attribute on BatchRequest and BatchResponse 3) added requestID attribute to SearchResponse 4) corrected batchResponse to batchRequest in section 5.2 Modify example of request 5) deleted Jeff's comments from section 7. File Binding 6) capitalized MUST/MAY etc in 8. Extensibility Guidelines 7) added Jon McGarvey's fix for responseOrder to schema and added his text to section 4. Top Level just prior to sub section Syntax Errors. 8) added statement that MUST et al are interpreted as in RFC 2119. To do: 1) bibliography and alignment of references 2) capitalize all MUSTs etc as needed. ciao, Christine
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC