Microsoft IIS v7 Details Emerge

daria42 writes "According to several .NET and Longhorn bloggers, the next version of Microsoft's IIS web server will integrate ASP.NET and turn many core features into optional modules in order to provide a smaller security footprint for hackers to attack. In addition, the software's admin tool has been completely revamped, and will allow Web-based remote administration utilising SSL."

Re:oxymoronic?

[ergo98]

Opening up your application, let alone your OS for remote hacking.

Well most servers have remote desktop enabled, and web administration of IIS has existed since IIS 5. I think the point was moreso that you'll be able to fully configure your site. One of the issues, mentioned in the article, that IIS currently has is that there is a disconnect, and overlap, between the settings necessary in IIS and ASP.NET to configure a site properly, and it would be nice if they merged them (which really would be mapping some of the IIS metabase XML into the Web.Config).

Reading this article, I'm still not sure what the real message is- You can already create fully managed handlers and modules for IIS, and the idea of it being pulled "into" IIS is frightening, actually (IIS 6 is a gorgeous design because it is like a microkernel web architecture, with an extremely minimalist server module and cache that communicates to external modules to handle things like ASP.NET processing). I suspect some information was misunderstood.