W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2000

RE: XML protocol security

From: Mark Baker - Ottawa Consumer and Embedded Div. <Mark.A.Baker@canada.sun.com>
Date: Thu, 18 May 2000 18:16:10 -0700
Message-Id: <200005181615.MAA28671@fastrack.Canada.Sun.COM>
To: "'xml-dist-app@w3.org'" <xml-dist-app@w3.org>

>You can encrypt the transport and you can encrypt the message. If a
>router/gateway/server needs to look at the body of the message in order to
>handle the message, then the security on the body is compromised. So if an
>XML message has information on the 'outside' that helps a router get the
>message to the right destination, then the information on the 'inside' needs
>to be able to be encrypted.

Right-o.  Though I hadn't considered this problem specifically,
I believe it's a fallout of the more general problem of not
consolidating metadata at a single level (not that I'm sure a single
level is the answer, but we have to at least consider the problem).
My previous suggestion to allow for document-authored metadata
(via http-equiv) to percolate "up" to the HTTP headers was one
attempt to tackle this.  More thought is needed about how to do
this for the general combination of document/MIME/HTTP metadata.

>There is an example in the world of WAP and HTTP. When a message is sent
>from a cell phone, it goes (theoretically) over an encrypted transport to a
>WAP gateway. This gateway then acts like a proxy and translates the request
>into HTTP and sends the request on its way. However, the WAP format uses a
>form of certificates/encryption that are incompatible with the Web's
>X.509/HTTPS - so the gateway decrypts the message & re-encrypts it via
>X.509/HTTPS etc. (I'm not an expert so this description is not guaranteed to
>be accurate at the detailed level.)

Right.  WTLS from gateway<->device, and SSL from gateway<->origin web
server.  Plus different certificate formats, as you mention.

>This is such a big hole in security that
>some banks buy a WAP gateway, install it behind their corporate firewall &
>have a secure link to the cell phone companies telephone network. But banks
>don't like this - they aren't in the business of software development and
>managing servers. This will slow the adoption of wireless e-commerce. 

But hey, at $1mil a pop for gateway software (not sure of latest
pricing, but that's what Phone.com's SEC filing showed), the gateway
vendors don't mind at all.

>So... make sure that messages can be routed with being fully decrypted.

More than just routing, but yes.

Received on Thursday, 18 May 2000 12:16:06 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 22:01:09 UTC