Re: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back!It's a trap!

[Mike Champion <mc@xegesis.org>]

5/30/2002 6:05:50 PM, "Bullard, Claude L (Len)" <clbullar@ingr.com> wrote:


>Someone who understands encryption would have to answer that. 
>The article is not that informative but it is an interesting 
>question.

I don't know much about encryption, but from reading about
cryptanalysis in WWWII it would appear that having a "crib"
(a bit of known plaintext) is a useful shortcut to breaking a cipher.
The tags in an XML message are likely to be known (or easily
guessable) by an attacker.  So, a straightforward encryption of
an entire XML message might be considerably less secure than
an encryption of a non-self-describing message.  

I was sortof wondering if that was what was being implied in
the article, but it was never stated clearly.