Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Rich & Elliotte were right, I was wrong
 Rich Salz wrote: >Dennis Sosnoski wrote: > > >>This suggests to me that XML DSig is basically a questionable idea. Why >>the obsession with text? It seems like doing this at the Infoset level >>would be much simpler (and much more efficient). >> >> > >(XML DSIG and XML-Encryption are based on the XPath 1.0 model.) > >Cryptography works on bytes. Since there is no standard serialization >for an Infoset, and since you can create infosets that are >unserializable, you cannot build cryptographic functions such as >signature and encryption without first solving those problems. > Well, on the bright side I guess the extreme overhead of basing DSIG and Encryption on XPath rather than some standardized serialization of the Infoset means there's a growing market for appliances to take over the processing... but I guess you already know that. :-) >Or, you can say that the fact that security relies on bytes means that >the whole infoset approach will fail because security is more important >than an abstract information model. :) > > > I'd suspect that any reasonable implementation of c14n is actually working at a level equivalent to the Infoset internally, anyway - it just serializes the Infoset out following the special rules for c14n XML. Is there any other way of handling c14n that's not equivalent to this? - Dennis 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
