Lists Home |
Date Index |
DSIG and encryption are big issues with a 'binary structured XML' or
'binary infoset'. There are several solutions of varying efficiency,
features, and difficulty.
One option is to canonicalize and use DSIG and Encryption as is, but
that is the most expensive in processing terms.
A convention will have to be created that preserves DSIG/Encryption work
and is also practical.
With the addition of delta support, handling signature and encryption of
updates or data 'owned' by different actors actually can become very
efficient and flexible.
Rich Salz wrote:
> Dare Obasanjo wrote:
>> Most real world applications use an abstraction of XML that
>> is more akin to a subset of the XPath data model (elements,
>> attributes, and text nodes).
> I agree with this. In particular, XML DSIG and XML-Encryption are
> based on the XPath model. Since I think signatures and encryption are
> crucial to the deployment of web services, and since I think it'll be
> a cold day in h... before the security folks get together to revise
> those specs to use the Infoset model, I tend to view SOAP 1.2 and its
> ilk as more DOA than SOA.
email@example.com http://www.hpti.com Personal: firstname.lastname@example.org http://sdw.st
Stephen D. Williams 703-724-0118W 703-995-0407Fax 20147-4622 AIM: sdw