[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: md5sum / sha1sum for XML?
On Mon, 2006-07-17 at 10:46 -0400, Richard Salz wrote: > Or you sign the data. Now the only thing the receipient has to do is have > out-of-band knowledge about either the certificate doing the signing, or > the CA that generates the signing certificate(s). Both of these are > examples of indirection. With out-of-band XXXsum, you have to "securely" > convey that for every payload; with a certificate, you only have to do > that when the certificate changes, the one you're seeing expires, or when > you think it might be compromised; with a CA certificate, you can have > multiple signers and/or renewal of existing signers. > > Each level of indirection reduces the amount of work you have to do > per-message, but increases the risk of exposure if something goes wrong > (such as an adversary getting access to a private key). Sometimes the > choice is easy -- an authoritative website can easily publish a list of > digests for various releases -- and sometimes the tradeoffs are harder to > determine. Yeah, I know. I'm personally a big fan of OpenSSL and I do VPNs for Customers on an almost weekly basis. It's definitely good stuff and when I tried signing some documents to my surprise it even worked. I make up certificates each week for VPN access and it all seems quite neat. But I work for smaller companies and their priorities with XML are just so completely different. Most just don't want to know unless there is some definite business benefit. Most are in panic stations at the moment. So much data coming out of China now. So much.. so fast.. what to do? Now my little pastime has become converting all the price data that comes into clients businesses into XML so that it can become vaguely useful. If you can't get it all in XML in the first place, then convert it when it arrives. I worked it out the other day. One of the businesses that I do work for has 300 suppliers with an average of 5,000 product items each. That's about 1,500,000 million product items to look after. And we're just talking about a business pretty much like a Garden Centre or a Power Tool shop. I'd say that most small businesses these days in a western/asian country would have about that many pieces of product information to deal with. It's quite a lot. Small business is being over-run by data. In fact, the more computers, the more data there seems to be. It just seems that xml is a perfect tool to use to cut-it all up into little pieces and do something with it. That's what I think anyway.. I wish I had time for md5sum, but the data just keeps coming in too fast... so so fast lah :-) David
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|