OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 

 
   RE: [xml-dev] XHTML adoption curve

[ Lists Home | Date Index | Thread Index ] 


> -----Original Message-----
> From: Doug Ransom 
> Sent: Wednesday, April 17, 2002 1:48 PM
> To: 'Peter V. Mikhalenko'
> Subject: RE: [xml-dev] XHTML adoption curve
> 
> 
> SSL can be used to provide authenticated transfer of the 
> document, but it also involves encryption (expensive) and 
> specific web server configurations.  In contrast, a content 
> developer could use their x.509 certificate to sign their 
> HTML page during editing, so there are no specific web server 
> integration issues -- the author of the document is 
> seperately identified from the owner of the web site.  
> 
> By having signed documents in a browser, users can verify the 
> author of the document without SSL.  Companies with 
> information, like etrade, might use this technology so people 
> know the data they are looking at is real, not faked by 
> someone who registered etrae.com etc. If the signing 
> technology is available and big delivery firms like etrade 
> can get value out of it, browser vendors are likely to 
> support signature verification -- they already can deal with 
> PKI anyway so the leap is not huge.
> 
> X.509 certificates can be used for many PKI purposes beyond 
> SSL -- I use free ones from thawte for secure email,they are 
> used for code signing, etc.  X.509 certs will be used for XML 
> signing, so an XHTML module would be a good start.
> 
> 
> 
> > -----Original Message-----
> > From: Peter V. Mikhalenko [mailto:xml-dev@sigent.ru]
> > Sent: Monday, April 15, 2002 5:17 PM
> > To: Doug Ransom
> > Subject: Re: [xml-dev] XHTML adoption curve
> > 
> > 
> > Hello, Doug!
> > 
> >  DR> I thought of a little carrot that might help improve the HTML
> >  DR> developer affinity for XHTML:  Signed XHTML.  If XHTML 
> pages were
> >  DR> signed in a specific manner with using x.509 based 
> PKI, browsers
> >  DR> could inform users they can trust the content of the page.
> > 
> > So what about SSL Certificates (using X.509)? Browsers DO 
> > inform users they
> > can trust the content of the page. Yeah, they are working 
> only in the
> > transport layer, but I think it is a good idea to certify the 
> > source, not
> > the document.
> > 
> > 
> > __
> > Peter V. Mikhalenko
> > Lead Developer
> > Sigent Interactive Agency
> > peter@sigent.ru
> > 
>

 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS