xml-dev - RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

[ Lists Home | Date Index | Thread Index ]

To: 'Mike Champion' <mc@xegesis.org>, xml-dev@lists.xml.org
Subject: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
From: "Bullard, Claude L (Len)" <clbullar@ingr.com>
Date: Thu, 30 May 2002 17:05:50 -0500

The question might be, is it possible that markup 
leaves signposts in encrypted data that make them a security 
risk?

Someone who understands encryption would have to answer that. 
The article is not that informative but it is an interesting 
question.

len

From: Mike Champion [mailto:mc@xegesis.org]

Well ... the headline is pretty misleading, and the self-serving quotes from a single vendor
indicate a bit of laziness on the part of the author.  More substantively,
the gist of it seems to be that XML makes "security through obscurity" harder to
achieve.  I am no security expert, but I thought that "security through obscurity" was a
total loser in the first place. At worst, XML merely slaps people in the face and 
says "Deal with it, don't pretend that no one can figure out your unencrypted
messages."

Follow-Ups:
- Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
  - From: Rich Salz <rsalz@datapower.com>
- Re: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back!It's a trap!
  - From: Mike Champion <mc@xegesis.org>

Prev by Date: Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It'sa trap!
Next by Date: Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
Previous by thread: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
Next by thread: Re: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back!It's a trap!
Index(es):
- Date
- Thread