[standards-jig] XML Encryption

Iain Shigeoka iainshigeoka at yahoo.com
Mon Mar 18 18:26:22 UTC 2002


On 3/18/02 9:29 AM, "David Waite" <mass at akuma.org> wrote:

> Iain Shigeoka wrote:
> 
>> On 3/15/02 9:13 AM, "Thomas Muldowney" <temas at box5.net> wrote:
>> 
>>> That's about it for now.  I want to do a larger writeup with examples of
>>> usage, but I hate working on something with huge holes such as key
>>> exchange and agreement.  Thoughts are welcome!
>>> 
>> 
>> I agree.  The problem with key exchange systems have traditionally been the
>> difficulty of managing, exchanging, and maintaining the keys.  I'd probably
>> suggest taking the alternate tack and trying to solve key exchange and
>> agreement first.  If you can come up with a satisfying solution for it, then
>> the rest will probably fall into place trivially.  Without that solution
>> though, there's not too much of a point in putting signatures and encryption
>> in place...
>> 
> It might be that we can use the same encryption methods for all
> environments, but need key exchange mechanisms tailored to the type of
> client being written (for instance, an unsigned applet on a public
> server won't get value from anything other than a diffie-hellman style
> key exchange; because they can't make connections to a trusted third
> party, or trust the server serving up the applet any more or less than
> any other intermediary)

Right.  Before we even start exploring these types of options I'd like to
spew a small rant.

I think there is a technical and social aspect to things too.  Most people
will want easy to understand security.  We may know the advantages and risks
of particular key exchange protocols and encryption algorithms.  However,
most people will want the hollywood, "is this a secure line?" "yes sir,
we're secure." type of thing not "well, there is an x chance of compromise
in our key exchange and the encryption could be brute forced in x minutes by
x mips processing, and...".  :)  Defining these things in a way that works
technically as well as socially is a real challenge.  If we allow different
levels of security (what happens when my level 8 secure client sends to a
level 6 secure client via a level 7 secure server), different encryption
algorithms, different key exchanges, etc things may work technically but not
socially.  Just my 2 cents.

-iain


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




More information about the Standards mailing list