OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Trust

[ Lists Home | Date Index | Thread Index ]

[Hodder, Ed]

>
> Leaving aside the fact that XBRL itself has nothing to do with security is
> XML Signature Syntax and Processing, or something like it, far enough
along
> at this point to make this kind of assertion? Is it possible today for
> software to discover a resource somewhere out in the wild and verify that
it
> in fact originated from company XYZ?

Yes, modulo believing in the validity of a digital certificate.  I am not
referring to anything specifically xml-ish though, just documents in
general.  If you can decode something using a public key, then only one
private key could have been used to sign it.  The certificate vouches for
that private key.  Who vouches for the certificate?  Ahh, the certificate
issuer.  Who used that private key to do the job?  Umm...

Cheers,

Tom P



  • References:
    • Trust
      • From: "Hodder, Ed" <Ed.Hodder@Bowne.com>



 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS