Man, I am still trying to understand SOAP, but it is almost definitely a super subversive protocol from a networking perspective. I understand why it exists, but the more people try to alleviate problems on the basis of the application layer and don't try to address it further down the more they are creating additional security issues. As usual, security is not on the list of important issues. . . developerWorks: Web services | Java technology : Apache SOAP type mapping, Part 1: Exploring Apache's serialization APIs |