Ah.. but that would require a significant update to XML Signature.
Would you like to call NIST about it or should I? <grin>

Anne

On 7/29/05, Dennis Sosnoski <[EMAIL PROTECTED]> wrote:
> These are complex topics that are straying away from Axis issues, since
> WS-Security is a given that we all need to work with. I'll just point
> out, though, that XML Canonicalization is only required because of the
> decision to base XML Signature on the *text* of the document, rather
> than the *content* of the document. It would have allowed for much more
> efficient implementation if Signature had been based on the Infoset, for
> instance. As it is, the reliance on the particular sequence of
> characters in the text format has repeatedly caused problems in Axis due
> to issues such as namespace prefixes which have absolutely nothing to do
> with the content of the document.
>
>  - Dennis
>
> Anne Thomas Manes wrote:
>
> >I agree with you that the XML gateway appliance vendors will benefit
> >from widespread adoption of WS-Security. <grin>
> >
> >I'm not an expert in security, although I do know enough to know that
> >it's a remarkably complex topic. The security gods have reached the
> >conclusion that the best way to ensure end-to-end security and to
> >reduce security vulnerabilities when dealing with attachments is to
> >make them part of the SOAP message infoset. The documents I cited can
> >tell you why -- but you need a pretty deep understanding of security
> >threats and countermeasures to truly understand them. (I'm definitely
> >on shaky ground when reading them.)
> >
> >XML Signature requires XML Canonicalization because you absolutely
> >need to make sure that not one bit in the message changes to replicate
> >and validate a signature. That's just the way it is. The message may
> >get compressed or chunked or whatever in transit, so you have to be
> >able to reconstruct it exactly. Only canonicalization can ensure
> >perfect reconstruction.
> >
> >Anne
> >
> >On 7/28/05, Dennis Sosnoski <[EMAIL PROTECTED]> wrote:
> >
> >>Thanks for the pointers, Anne, I'll check out the documents.
> >>
> >>As to the issue of attachments not being part of the Infoset - honestly,
> >>that seems a much cleaner approach to me than making them look like
> >>base64 encoding, as done by MTOM. WS-Security (which in turn builds on
> >>XML Signature, which uses XML Canonicalization) is one of the most Rube
> >>Goldberg-ish contraptions in the history of technology. It's the
> >>equivalent of writing your data out in longhand on a whiteboard, taking
> >>a Polaroid of the whiteboard, signing that, and enclosing it with the
> >>transmission. The main beneficiaries of WS-Security would seem to be the
> >>manufacturers of XML appliances, which suddenly have a huge potential
> >>market.
> >>
> >>IMHO there's no reason why WS-Security couldn't have been designed with
> >>attachments in mind, and implemented the sensible approach of just
> >>encrypting or signing the binary format directly.
> >>
> >>  - Dennis
> >>
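The canonicalization behaviour discussed in this thread, as an added example that is not part of the original messages: a digest over the raw text changes with harmless serialization differences, canonicalization removes those, and a renamed namespace prefix still changes the canonical form. It assumes Python's standard-library C14N 2.0 implementation as a stand-in for the canonicalization step of XML Signature, and the sample documents are constructed.

```python
import hashlib
from xml.etree.ElementTree import canonicalize

# Constructed sample documents (not from the thread). A and B carry the same
# content but differ in attribute order, quoting, whitespace inside the tag
# and empty-element form. C is A with the namespace prefix renamed m -> s.
DOC_A = '<m:order xmlns:m="urn:example:shop" id="7" currency="EUR"><m:item/></m:order>'
DOC_B = ("<m:order currency='EUR'   xmlns:m='urn:example:shop' id='7'>"
         "<m:item></m:item></m:order>")
DOC_C = '<s:order xmlns:s="urn:example:shop" id="7" currency="EUR"><s:item/></s:order>'


def text_digest(xml: str) -> str:
    """SHA-256 over the serialized characters exactly as received."""
    return hashlib.sha256(xml.encode("utf-8")).hexdigest()


def c14n_digest(xml: str, rewrite_prefixes: bool = False) -> str:
    """SHA-256 over the canonical form, the input a signature digest covers."""
    canonical = canonicalize(xml, rewrite_prefixes=rewrite_prefixes)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def compare() -> dict:
    """Which pairs of documents would verify against the same digest."""
    return {
        # Raw text: equivalent serializations already disagree.
        "A~B raw text": text_digest(DOC_A) == text_digest(DOC_B),
        # Canonical form: attribute order, quoting and <x/> vs <x></x> vanish.
        "A~B canonical": c14n_digest(DOC_A) == c14n_digest(DOC_B),
        # Prefixes are kept as written, so a renamed prefix breaks the digest.
        "A~C canonical": c14n_digest(DOC_A) == c14n_digest(DOC_C),
        # Optional C14N 2.0 prefix rewriting maps both prefixes to n0.
        "A~C canonical, prefixes rewritten":
            c14n_digest(DOC_A, True) == c14n_digest(DOC_C, True),
    }


if __name__ == "__main__":
    for pair, same in compare().items():
        print(f"{pair:36} {'match' if same else 'MISMATCH'}")
```

Any intermediary that re-serializes a signed message with different prefixes produces the third case, which is the kind of verification failure the thread attributes to namespace prefixes.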
