[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: RE: The sky is falling! XML's dirty secret! Go back!It's

• To: xml-dev@l...
• Subject: Re: RE: The sky is falling! XML's dirty secret! Go back!It's a trap!
• From: Mike Champion <mc@x...>
• Date: Thu, 30 May 2002 18:46:13 -0400
• In-reply-to: <2C61CCE8A870D211A523080009B94E430752B505@HQ5>

5/30/2002 6:05:50 PM, "Bullard, Claude L (Len)" <clbullar@i...> wrote:


>Someone who understands encryption would have to answer that. 
>The article is not that informative but it is an interesting 
>question.

I don't know much about encryption, but from reading about
cryptanalysis in WWWII it would appear that having a "crib"
(a bit of known plaintext) is a useful shortcut to breaking a cipher.
The tags in an XML message are likely to be known (or easily
guessable) by an attacker.  So, a straightforward encryption of
an entire XML message might be considerably less secure than
an encryption of a non-self-describing message.  

I was sortof wondering if that was what was being implied in
the article, but it was never stated clearly.

• Follow-Ups:
  • Re: RE: The sky is falling! XML's dirty secret! Go back! It's a trap!
    • From: Christian Nentwich <c.nentwich@c...>
  • Re: The sky is falling! XML's dirty secret! Go back! It's a trap!
    • From: Uche Ogbuji <uche.ogbuji@f...>
  • Re: RE: The sky is falling! XML's dirty secret! Go back!It's a trap!
    • From: "Simon St.Laurent" <simonstl@s...>

• References:
  • RE: The sky is falling! XML's dirty secret! Go back! It's a trap!
    • From: "Bullard, Claude L (Len)" <clbullar@i...>

• Prev by Date: Re: The sky is falling! XML's dirty secret! Go back! It's a trap!
• Next by Date: Re: RE: The sky is falling! XML's dirty secret! Go back!It's a trap!
• Previous by thread: RE: The sky is falling! XML's dirty secret! Go back! It's a trap!
• Next by thread: Re: RE: The sky is falling! XML's dirty secret! Go back!It's a trap!
• Index(es):
  • Date
  • Thread