Hi Anne, On Thursday, February 22, 2007, at 03:31PM, "Anne Thomas Manes" <[EMAIL PROTECTED]> wrote: >Yes -- and the same is true of a SOAP message. >Typically, SOAP interchanges are stateless. (And they should be.)
But the meaning of a SOAP message depends on the recipient's interface semantics and these are not controllable by the sender. IOW, when you invoke getStockOrder() how can you ever be sure what the meaning of getStockOrder() is? And even if there is some published definition, how do you know it does not change at the very instant you send your message? You cannot get message self descriptiveness without a uniform interface constraint. Jan >Therefore the order request will indicate what's being ordered. > >Anne > >On 2/21/07, Jan Algermissen <[EMAIL PROTECTED]> wrote: >> >> >> On 21.02.2007, at 12:38, Paul Fremantle wrote: >> >> Good answer Steve. >> >> I have a question for Jan. When you order the pizza over the phone how do >> you prove you didn't buy a house? >> >> >> Well, assumed I have a witness for what I said, the uttering of "this is a >> pizza order, let me have a large magaritha" should sufficiently prove and >> state my intent - it is self descriptive (which is a property of all >> business documents, BTW). >> >> Jan >> >> >> >> >> >> Paul >> >> On 2/21/07, Steve Jones <[EMAIL PROTECTED]> wrote: >> > >> > Assuming you are using SAML and WS-Security and have kept a log of the >> > messages then its fine as this will contain both their authentication and >> > your own. >> > >> > If however you didn't use security and its an open exchange then you are >> > just going to have fun in the courts. This is one of the key things about >> > Trust (and one of the reasons that security != HTTPS), before you start a >> > transaction you need to trust the other party to deliver or trust that you >> > have recourse if something goes wrong. This plays back to something I >> > asked >> > at a conference back in 2001 (IIRC) (just after my dad had seen a >> > presentation on WS and said "so why is ASCII RPC now a good idea?"). The >> > presenter had outlined the holy trinity of WS including UDDI and talked of >> > a >> > "business" scenario where you would discover automatically a credit card >> > clearance company and select the cheapest one and then complete the >> > transaction. My point then was that this is bollocks as ! if that were >> > true >> > then I'd set up the world's cheapest credit card clearing company in >> > somewhere with no extradition treaties and then fleece the world. >> > >> > Trust and validity are serious and difficult concepts, its fine for >> > people to argue about document shifting approach X v Y, but if they don't >> > provide a framework for Trust and validity on top of that base then its a >> > pointless argument. >> > >> > SAML, WS-Security, WS-Trust and a decent set of audit logs. >> > >> > Steve >> > >> > >> > >> > On 21/02/07, Jan Algermissen < [EMAIL PROTECTED]> wrote: >> > > >> > > Hi, >> > > >> > > if have SOA-ordered a pizza the other day but yesterday I learned I >> > > sold my house..... >> > > >> > > How do I prove in court that my digitally signed pizza order was >> > > indeed a pizza order and not (as the recipient claims) a house sale? >> > > >> > > Jan >> > > >> > > >> > >> >> >> -- >> Paul Fremantle >> VP/Technology, WSO2 and OASIS WS-RX TC Co-chair >> >> http://bloglines.com/blog/paulfremantle >> [EMAIL PROTECTED] >> >> "Oxygenating the Web Service Platform", www.wso2.com >> >> >> >> >
