Re: Partyin' like it's 1999

To: Elliotte Harold <elharo@m...>
Subject: Re: Partyin' like it's 1999
From: Sean McGrath <sean.mcgrath@p...>
Date: Wed, 27 Oct 2004 15:17:25 +0100
Cc: xml-dev@l...
In-reply-to: <417FA999.4070608@m...>
Organization: Propylon
References: <417F8F4A.3000407@p...> <417F9905.3080400@m...> <417F9BAD.5060503@p...> <417FA999.4070608@m...>
Reply-to: sean.mcgrath@p...
User-agent: Mozilla Thunderbird 0.6 (Windows/20040502)

Play the video

Elliotte Harold wrote:

> Sean McGrath wrote:
>
>
>> The use case here is transmitting XML-based messages from one service 
>> to another service on a Service Oriented Architecture and doing it in 
>> such a way that (a) it is possible to be sure that a message routed 
>> "straight through" has not been tampered with and yet (b) the XML is 
>> fully visibile - not a lump of attatchment goo - for the purposes of 
>> intelligent routing.
>
>
> This sounds like exactly what XML digital signatures is supposed to do.

Yes - specifically the canonicalisation bit.

> If that doesn't work, then treat the document as read-only data, and 
> wrap it in a MIME envelope (a.k.a XOP) along with a digital signature 
> over the binary form of the data.

That is precisely what I'm trying to avoid. I think it is silly that we 
end up using binary attachments in order to work around the fact that we 
cannot sanely process XML losslessly.

>
>
>> Equally important is the fact that an intermediating service can 
>> add/modify/delete content from the XML instance without doing damage 
>> to the untouched parts of the instance.
>
>
> I'm not sure I see how this is compatible with the need to route 
> straight through without tampering.

Both "straight thru" and "intervened" are use cases in the SOA 
architecture I'm advocating. An introductory paper is available at:
http://sdec.reach.ie/papers if you are interested. Comments welcome.

> But again, this is a use case XML digital signatures attempts to 
> address. Why is that not working for you?
>
If you look at the RIG 2 document you will see that the requirements of 
RCF compliance are expressed in terms of constrains over and above W3C 
XML canonicalisation. In particular, I want to avoid the complexities 
that result from combining  XML 1.0  canonicalisation with namespaces 
(e.g. Exclusive XML canonicalization :-)

Any document that is RCF compliant is also XML canonicalisation 
compliant but not the other way around.

regards,
Sean



-- 
http://seanmcgrath.blogspot.com

Follow-Ups:
- Re: Partyin' like it's 1999
  - From: Rich Salz <rsalz@d...>

References:
- Re: Partyin' like it's 1999
  - From: Sean McGrath <sean.mcgrath@p...>
- Re: Partyin' like it's 1999
  - From: Elliotte Harold <elharo@m...>
- Re: Partyin' like it's 1999
  - From: Sean McGrath <sean.mcgrath@p...>
- Re: Partyin' like it's 1999
  - From: Elliotte Harold <elharo@m...>

Prev by Date: Re: After XQuery, are we done?
Next by Date: RE: Partyin' like it's 1999
Previous by thread: Re: Partyin' like it's 1999
Next by thread: Re: Partyin' like it's 1999
Index(es):
- Date
- Thread

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Subscribe in XML format

RSS 2.0
Atom 0.3

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.

Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >