|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Rich & Elliotte were right, I was wrong
Dennis Sosnoski wrote: > This suggests to me that XML DSig is basically a questionable idea. Why > the obsession with text? It seems like doing this at the Infoset level > would be much simpler (and much more efficient). (XML DSIG and XML-Encryption are based on the XPath 1.0 model.) Cryptography works on bytes. Since there is no standard serialization for an Infoset, and since you can create infosets that are unserializable, you cannot build cryptographic functions such as signature and encryption without first solving those problems. Or, you can say that the fact that security relies on bytes means that the whole infoset approach will fail because security is more important than an abstract information model. :) /r$ -- Rich Salz, Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||

Cart








