OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] 2007 Predictions

>  - protected from nake eye inspection of actual data HTTP move

Yes.  In another post I say that this is all you get.

>  - validate server identity, that can serve to avoid phising or DNS 

Maybe.  If I can get a cert from one of the common vendors that "looks 
like" the name being spoofed, the no.

>  - protected content from malware javascript/html inyection

Yes, but I don't think this is concern anyway.  Are there any real 'man in 
the middle' attacks today?  So this is really the same as 'validate 

>  - validate client identity? (not idea about this, but I think is 

Yes, it is possible.

>  - cypher is strong against brute force

This is really the same as #1.

>  - cypher strong against password distribution problem (PKI dont need
> that ...much)

> Other than that. Again. Maybe was not soo a good idea, cause people
> want fast porn. Not safe or private porn. Wait... bad analogy.



Senior Security Architect
DataPower SOA Appliances

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS