Slashdot Mirror

← Back to Stories (view on slashdot.org)

XML Web Services & Security

Posted by Hemos on Wednesday May 15, 2002 @08:27AM from the where-does-the-world-go-to dept.

Handy writes "Web Services (SOAP, .net, WSDL^?, UDDI^?) create an even greater need for robust security. Exposed interfaces and fragmented administration coupled with a need for app-level security points to a greater need for a centralized managed security services model."

1 of 118 comments (clear)

Min score:

Reason:

Sort:

Maybe I'm missing something . . . by MaxwellStreet · 2002-05-15 09:18 · Score: 4, Interesting

I really don't know (flame gently if I'm being ignorant), but I'm hoping someone can explain this simply.

If https is secure... and xml/soap is http-based... what's the giant technical leap preventing https transmission of soap/xml packets?

Also, if you're doing business with say, a vendor of yours, what's stopping the both of you from encrypting the body of the soap messages on both sides by means of a PGP key or something?

I'm just curious as to why the issue seems to be reasonably solved with http web traffic, but isn't with SOAP...