Re: Soap - Was RPCs over HTTPS through the firewall

[Mason Schmitt <hr824 () sunwave net>]

On Fri, 2003-05-02 at 06:52, Marcus J. Ranum wrote:
> Mason Schmitt wrote:
> > What I'm curious about is whether the members of this list have any
> > concerns with soap as a method of doing RPC and whether there are any
> > firewall concerns.
>
> No concerns - Soap is from Microsoft, so it's OK.
> Remember, Microsoft got serious about security last year, and fixed
> all the flaws in thier code. I think they spent a whole month or something
> like that doing it. I'm sure that Soap's fine, now.
I'm sure that a month is more than enough time to bring the whole
windows family up to an acceptable level of security...  Look at how
they solved the attachment issue in outlook - just don't allow people
the option of receiving attachments.  Grrr...

All joking aside though, didn't soap grow out of XML RPC?  Not that that
necessarily means anything from a security standpoint...  I'm just
wondering if anyone has any caveats concerning soap that I may be
missing.


Mason

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards