Cart
[Home] [By Thread] [By Date] [Recent Entries]
Hi Dave, I've come in at the tail end of the question, but I what is it you are trying to achieve? These days, if a xml document has been sent from A to B, using pretty much any protocol, it would have gone through many many crc and integrity checks. Each tcp/ip packet gets it - each file etc. Data corruption is much less of an issue than it was ever was even since the days of Kermit and x/zmodem. Actually, when I think back, my grandfather used to lay telephone lines across the country. Sometimes the phones would run over a wire fence. At least there would be a signal. It wasn't crash hot. He would replace them with proper phone lines. Anyway, towards the end of his life, this goes back a few years now, I remember him telling me, "Best way to fix that sort of problem now is just install a satellite dish. What we did wouldn't be done anymore" I thought I would just add that... because I thought it was a funny but true story. That was my grandfathers time. Things are different now. I'm sure there are some modern communications facilities where you live? what island are you living on? :-) On Thu, 2006-07-13 at 17:50 +0100, Dave Pawson wrote: > On Wed, 2006-07-12 at 21:50 -0400, Richard Salz wrote: > > Actually, look at 'exclusive canonicalization.' Interop shouldn't be a > > problem. It's c14n modified to handle the case of embedding your payload > > within some other XML (e.g., SOAP). > > Except that it's the ancestry that's of little interest Rich? > 'applied to a subdocument, includes the subdocument's ancestor context > including all of the namespace declarations and attributes in the "xml:" > namespace.' > > I'm transporting a document from server A to B. > The wrapper is of import insofar as metadata is concerned. > the 'payload' is my interest. > > I'm pretty convinced that md5sum (bit like me) is pretty old 'ish, > > I'm looking for the younger prettier replacement. > Does xml sig provide the reassurance that md5sum did? > http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#def-Integrity > <quote>"The property that data has not been changed, destroyed, or lost > in an unauthorized or accidental manner." [SEC] A simple checksum can > provide integrity from incidental changes in the data; message > authentication is similar but also protects against an active attack to > alter the data whereby a change in the checksum is introduced so as to > match the change in the data. </quote> > > Seems to be about right? digSig == md5sum for y21K? > I want the metadata to include the magic signature, > then the payload, as sent, and as verified by the author(ity) > and me (as cynic) at the receiving end? > > Do we have implementations and experience that says it works? > > >
|
