Cart
[Home] [By Thread] [By Date] [Recent Entries]
"Steven Livingstone, ITS, SENM" wrote: > > Anybody doing much work with XML Certificates for security?? I'd certainly hope not! There are roughly two standards that matter today: - X.509, as issued by Verisign (99% worldwide monopoly in the non-corporate space, if the Thawte acquisition goes through). Binary, baroque syntax, overfeatured. - OpenPGP, which doesn't have a "BigBrother" hook (anyone can cut a cert, you don't punt the "do I trust XXX" issue by trusting some Big Brother). Both ASCII and binary formats exist; simpler. Public Key Infrastructure is a big enough problem that IMHO it's really not worth tweaking low level standards. The problems that need solving are at the level of global infrastructure deployment, trustability, and (especially) usability. XML can't help there. For OpenPGP info/source/... I'd suggest http://www.gnupg.org for info. It interoperates with PGP 5.x and later. What's lacking is commercial support for OpenPGP; licensing deals with Verisign have ensured that X.509 availability skyrocketed despite its problems. Browsers have X.509 for SSL support (and S/MIME), few as yet (even Mozilla) support OpenPGP. - Dave xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@i... Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ or CD-ROM/ISBN 981-02-3594-1 Unsubscribe by posting to majordom@i... the message unsubscribe xml-dev (or) unsubscribe xml-dev your-subscribed-email@your-subscribed-address Please note: New list subscriptions now closed in preparation for transfer to OASIS.
|
