[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Article About SOAP Security
> The idea is that we all buy firewalls that direct traffic at the > application layer as well. Coincidentaly MSFT showed one at RSA 2002. Heh, what a surprise. The irony though is that this is one of the points of the essay. If you want to filter traffic at layer 7, you need to know the semantics in play, which is pretty difficult if every app designs its own RPC interfaces. But if you don't tunnel (which doesn't preclude using SOAP except in the way that its currently being pushed), you can filter on a well-known interface (HTTP method and URI) quite effectively in a lot of scenarios and still solve most of the business problems that pure RPC will. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC