Lists Home |
Date Index |
I've come in at the tail end of the question, but I what is it you are
trying to achieve?
These days, if a xml document has been sent from A to B, using pretty
much any protocol, it would have gone through many many crc and
integrity checks. Each tcp/ip packet gets it - each file etc. Data
corruption is much less of an issue than it was ever was even since the
days of Kermit and x/zmodem.
Actually, when I think back, my grandfather used to lay telephone lines
across the country. Sometimes the phones would run over a wire fence. At
least there would be a signal. It wasn't crash hot.
He would replace them with proper phone lines.
Anyway, towards the end of his life, this goes back a few years now, I
remember him telling me, "Best way to fix that sort of problem now is
just install a satellite dish. What we did wouldn't be done anymore"
I thought I would just add that... because I thought it was a funny but
true story. That was my grandfathers time. Things are different now.
I'm sure there are some modern communications facilities where you live?
what island are you living on? :-)
On Thu, 2006-07-13 at 17:50 +0100, Dave Pawson wrote:
> On Wed, 2006-07-12 at 21:50 -0400, Richard Salz wrote:
> > Actually, look at 'exclusive canonicalization.' Interop shouldn't be a
> > problem. It's c14n modified to handle the case of embedding your payload
> > within some other XML (e.g., SOAP).
> Except that it's the ancestry that's of little interest Rich?
> 'applied to a subdocument, includes the subdocument's ancestor context
> including all of the namespace declarations and attributes in the "xml:"
> I'm transporting a document from server A to B.
> The wrapper is of import insofar as metadata is concerned.
> the 'payload' is my interest.
> I'm pretty convinced that md5sum (bit like me) is pretty old 'ish,
> I'm looking for the younger prettier replacement.
> Does xml sig provide the reassurance that md5sum did?
> <quote>"The property that data has not been changed, destroyed, or lost
> in an unauthorized or accidental manner." [SEC] A simple checksum can
> provide integrity from incidental changes in the data; message
> authentication is similar but also protects against an active attack to
> alter the data whereby a change in the checksum is introduced so as to
> match the change in the data. </quote>
> Seems to be about right? digSig == md5sum for y21K?
> I want the metadata to include the magic signature,
> then the payload, as sent, and as verified by the author(ity)
> and me (as cynic) at the receiving end?
> Do we have implementations and experience that says it works?