OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Partyin' like it's 1999

[ Lists Home | Date Index | Thread Index ]

Sean McGrath wrote:

> The use case here is transmitting XML-based messages from one service to 
> another service on a Service Oriented Architecture and doing it in such 
> a way that (a) it is possible to be sure that a message routed "straight 
> through" has not been tampered with and yet (b) the XML is fully 
> visibile - not a lump of attatchment goo - for the purposes of 
> intelligent routing.

This sounds like exactly what XML digital signatures is supposed to do. 
If that doesn't work, then treat the document as read-only data, and 
wrap it in a MIME envelope (a.k.a XOP) along with a digital signature 
over the binary form of the data.

> Equally important is the fact that an intermediating service can 
> add/modify/delete content from the XML instance without doing damage to 
> the untouched parts of the instance.

I'm not sure I see how this is compatible with the need to route 
straight through without tampering. But again, this is a use case XML 
digital signatures attempts to address. Why is that not working for you?

Elliotte Rusty Harold  elharo@metalab.unc.edu
XML in a Nutshell 3rd Edition Just Published!


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS