Loading ...
Sorry, an error occurred while loading the content.

9619Re: [soapbuilders] Re: Super-Encryption AND Digital Signatures

Expand Messages
  • mlong@bridgetonconsulting.com
    Dec 3, 2003
      Quoting Rich Salz <rsalz@...>:

      > I'm curious why a standard dsig/enc combination isn't appropriate?

      There is nothing wrong with the dsig, but it's overhead (and plenty of it).

      IMHO, the necessity for large and scaleable secure applications it great. I
      don't believe that xml-enc + xml-dsig on a one to many basis will ever be
      functionally scaleable (except in name only).

      If you take my premise based on an intermediary, then the requirements for
      secured/encrypted data are only based on a single and relatively simple
      concept. Not to mention the reduction in overhead in the fact the sender and
      receiver need not exchange keys. Only the intermediary-2-sender and
      intermediary-2-receiver need to exchange public keys, i.e., the intermediary
      decrypts the sender's message; then encrypts the message for the receiver.
      That scenario to me dramatically increases the scalability of
      secured/encrypted interop over an unsecured channel.


    • Show all 22 messages in this topic