[
Lists Home |
Date Index |
Thread Index
]
On Sat, 2006-07-15 at 13:06 +0100, Pete Cordell wrote:
> That's where public key cryptography comes in. You sign it using your
> private key in such a way that the third party can't do without the private
> key. Third parties can authenticate your signature using your public key.
>
> Depending on context, you may need a way for a third-party to validate your
> public key is really yours and not one made up by someone pretending to be
> you. That may involve public key infrastructures, or a courier rider
> providing you with a floppy disk!
A phone and a bit of software to interrogate the certificate should do
that!
I'd be happy with PKI, since we could be both CA and server. Not too
complex
once we figure out the cert trail.
More progress. I can now sign an xml file and verify the signature.
Thanks Sun.
Next one is http://www.w3.org/TR/xmlenc-core/
See if I can get that to wrap the signed instance and I have
a full house!
--
Regards,
Dave Pawson
XSLT + Docbook FAQ
http://www.dpawson.co.uk
|
