[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: XML Binary Characterization WG public list available

• To: bob@w...
• Subject: Re: XML Binary Characterization WG public list available
• From: Rich Salz <rsalz@d...>
• Date: Tue, 13 Apr 2004 14:23:53 -0400
• Cc: ''xml-dev' DEV' <xml-dev@l...>
• In-reply-to: <008d01c42183$8fbdceb0$650aa8c0@BOBDEV>
• References: <008d01c42183$8fbdceb0$650aa8c0@BOBDEV>
• User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b) Gecko/20030507

> 	Of course, one of the nice things about using a binary format
> based on ASN.1 defined binary encodings is that the rules for
> canonicalization, encryption, signing, etc. are fully developed, have
> been in extensive use for many years, and are widely implemented. No
> invention or adaptation is required. The ASN.1 world dealt with all
> these issues long before XML even existed.

You talking about PKCS->S/MIME signatures?  If so, they're woefully 
inadequate.  For example, you can't sign a subset, you can't sign 
external references, there is no concept of Transformations, and 
probably others.

Many of the same folks who invented PKCS-S/MIME crypto invented XML 
DSIG, and they learned from the *mistakes and limitations* of those 
earlier efforts.

	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

• References:
  • RE: XML Binary Characterization WG public list available
    • From: "Bob Wyman" <bob@w...>

• Prev by Date: RE: XML Binary Characterization WG public list available
• Next by Date: Re: Fast text output from SAX?
• Previous by thread: RE: XML Binary Characterization WG public list available
• Next by thread: RE: XML Binary Characterization WG public list available
• Index(es):
  • Date
  • Thread