OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] XML Binary Characterization WG public list available

[ Lists Home | Date Index | Thread Index ]

I would not advise anyone to hold their breath waiting on a concensus on 
a convention, but coming up with a useful convention for digital 
signature and encryption varies from easy to reasonably difficult, 
depending on your requirements.

Most business applications only need 'signed document' level digital 
signatures, not element by element complication, and encryption can be 
applied to particular elements, the whole document, or some type of 
application message.  Updates by multiple parties are usually better 
represented by multiple versions of a document, each signed separately, 
than individually signed fields.  Canonicalization can be an issue, but 
only when you need certain kinds of flexibility.

For full interoperability and compatibility, you have to convert XIS to 
XML1.1, canonicalize, hash/sign, and then insert the signature in the 
appropriate element.  One option is to sign both ways, i.e. on hashes 
made from XIS and XML1.1 versions, which allows a receiver to validate 
the signature more cheaply if it is XIS enabled.

Encryption really isn't an issue.  After you have encrypted, you have a 
block of pseudo-random data no matter what you started with and that can 
be the payload of an element the same in either case.


Rich Salz wrote:

>> A convention will have to be created that preserves DSIG/Encryption 
>> work and is also practical.
> I would not advise anyone to hold their breath while waiting for this. :)
>     /r$

swilliams@hpti.com http://www.hpti.com Personal: sdw@lig.net http://sdw.st
Stephen D. Williams 703-724-0118W 703-995-0407Fax 20147-4622 AIM: sdw


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS