I'm not entirely sure what the xml-rpc spec says, but
I've found that in py-xmlrpc there is a (seemingly to
me) arbitrary limit on the number of parameters that
get passed. If a remote function has six parameters,
py-xmlrpc clients freak because the two extra
parameters are begin interpreted as something
else...this also seems to be a possible security hole.