XML Eye for the Object Guy

Tim Ewald embraces the XML lifestyle...

Browse by Tags

Tagged Content List
  • Blog Post: I need to clarify...

    Reading Micheal M's comment, I realized that I was not clear enough in my last post.When I said I didn't want to think about security, I meant as a plumber . Part of my responsibility as the designer or developer of an application is, as Micheal M, says, to think about everything as a possible security...
  • Blog Post: "But I'm a plumber..."

    I've spent a lot of time with WS-Security lately, partly because of the bruhaha over its use in MsComService , and partly because I'm digging more deeply into WSE 2.0. Like most of my friends (and a penguin Gudge knows), I'm a plumber. I like spending time thinking about how to program with XML messages...
  • Blog Post: Changes in the works...

    Sam welcomed me back  to the blogosphere... Your points are well taken. People here are very aware of the fact that developers may well look to Microsoft.com's services as an example to emulate, so they try to make sure they do the right thing. In this case, there's a been a lot of confusion...
  • Blog Post: One more thing...

    Someone pointed out that signing a message wouldn't actually solve the all the issues Simon raised. It would stop someone from tampering with a message, but it wouldn't stop someone from replaying a message. You need to take additional steps to protect against that as noted on this thread at Sam...
  • Blog Post: Using UsernameToken with the new microsoft.com Web service

    I spent my summer deep in an engineering project, the purpose of which will come to light in coming months. Now that the first phase of that work is complete, I have time to start posting again. And what better place to start than by answering questions raised by Simon Fell's recent post about the...
Page 1 of 1 (5 items)