• To: Dennis Sosnoski <dms@s...>
• Subject: Re: Rich & Elliotte were right, I was wrong
• From: Rich Salz <rsalz@d...>
• Date: Mon, 15 Mar 2004 16:32:11 -0500
• Cc: xml-dev@l...
• In-reply-to: <40561B39.1000406@s...>
• References: <ADA1E0AB9452BB48B063228627805EC901726EB1@R...> <4056139E.2070704@s...> <405618A6.5030501@d...> <40561B39.1000406@s...>
• User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b) Gecko/20030507

> Well, on the bright side I guess the extreme overhead of basing DSIG and 
> Encryption on XPath rather than some standardized serialization of the

Extreme overhead?  Hardly.  It's just a processing model, no more or 
less efficient than infoset.

> I'd suspect that any reasonable implementation of c14n is actually 
> working at a level equivalent to the Infoset internally, anyway - it 
> just serializes the Infoset out following the special rules for c14n 
> XML. Is there any other way of handling c14n that's not equivalent to this?

You can do a SAX-based C14N.  If you think that's infoset, then I guess 
my point is proved that the infoset is so general that it's useful for 
security. :)

	/r$

-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

• References:
  • RE: Rich & Elliotte were right, I was wrong
    • From: "Derek Denny-Brown" <derekdb@m...>
  • Re: Rich & Elliotte were right, I was wrong
    • From: Dennis Sosnoski <dms@s...>
  • Re: Rich & Elliotte were right, I was wrong
    • From: Rich Salz <rsalz@d...>
  • Re: Rich & Elliotte were right, I was wrong
    • From: Dennis Sosnoski <dms@s...>

• Prev by Date: Re: Rich & Elliotte were right, I was wrong
• Next by Date: Reach Interoperability Guidelines - URI changes
• Previous by thread: Re: Rich & Elliotte were right, I was wrong
• Next by thread: RE: Rich & Elliotte were right, I was wrong
• Index(es):
  • Date
  • Thread