>Right, I'm just guessing, but I think Google is better served by SOAP since it doesn't have to go over SSL and they can still hide they users key better in the envelope. I'd have to check out how its actually implemented though.
>
Hide from who? POST doesn't hide things from a sniffer any better than GET does.
>>And why wouldn't you be able to be secure with the URI? SSL Encrypts the request as well as the response.
>
>Cause Google doesn't do SSL. Secure Socket Layer for the most heavily used search engine in the world? Somehow, I think they considered it, and decided it was a bad idea.
If we're talking specifically Google, than security's a minor issue. SOAP isn't any more secure than a simple GET.
Erik Moore
Clientelligence