[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
Re: [xml-dev] md5sum / sha1sum for XML?
- From: Dave Pawson <davep@dpawson.co.uk>
- To: Richard Salz <rsalz@us.ibm.com>
- Date: Thu, 13 Jul 2006 17:50:19 +0100
On Wed, 2006-07-12 at 21:50 -0400, Richard Salz wrote:
> Actually, look at 'exclusive canonicalization.' Interop shouldn't be a
> problem. It's c14n modified to handle the case of embedding your payload
> within some other XML (e.g., SOAP).
Except that it's the ancestry that's of little interest Rich?
'applied to a subdocument, includes the subdocument's ancestor context
including all of the namespace declarations and attributes in the "xml:"
namespace.'
I'm transporting a document from server A to B.
The wrapper is of import insofar as metadata is concerned.
the 'payload' is my interest.
I'm pretty convinced that md5sum (bit like me) is pretty old 'ish,
I'm looking for the younger prettier replacement.
Does xml sig provide the reassurance that md5sum did?
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#def-Integrity
<quote>"The property that data has not been changed, destroyed, or lost
in an unauthorized or accidental manner." [SEC] A simple checksum can
provide integrity from incidental changes in the data; message
authentication is similar but also protects against an active attack to
alter the data whereby a change in the checksum is introduced so as to
match the change in the data. </quote>
Seems to be about right? digSig == md5sum for y21K?
I want the metadata to include the magic signature,
then the payload, as sent, and as verified by the author(ity)
and me (as cynic) at the receiving end?
Do we have implementations and experience that says it works?
--
Regards,
Dave Pawson
XSLT + Docbook FAQ
http://www.dpawson.co.uk
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
