- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Tue, 28 Oct 2014 05:54:34 +0100
- To: "Brutzman, Donald (Don) (CIV)" <brutzman@nps.edu>, public-xmlsec-comments@w3.org
On 2014-10-27 22:44, Brutzman, Donald (Don) (CIV) wrote: > Efficient XML Interchange (EXI) Working Group is looking for security review for EXI Recommendation and Canonical EXI Working Draft. We are happy to collaborate with the Web Security Interest Group. > > EXI WG is at https://www.w3.org/XML/Group/EXI and meeting today/tomorrow. > > We are keen to ensure that compression and canonicalization (both for XML and EXI) preserve web security mechanisms such as XML encryption and XML digital signature. > > Some mail was sent by the EXI group early this year, but apparently the connection was never established. We would be happy to re-pose these questions. > > As EXI best practices continue to progress with multiple implementations, for large and small and very small devices, we are noticing some potential threat vectors that are likely of shared interest. > > Of further general interest is that EXI appears to be the bridge which might best help the Internet of Things (IoT) become the Web of Things (WoT). I believe JSON is better suited for taking on this market. Regarding JSON security there are the soon finished JOSE standards: http://datatracker.ietf.org/wg/jose/documents Anders > > Looking forward to further progress and collaboration in this fundamentally important arena. > > all the best, Don > -- > Don Brutzman Naval Postgraduate School, Code USW/Br brutzman@nps.edu > Watkins 270, MOVES Institute, Monterey CA 93943-5000 USA +1.831.656.2149 > X3D graphics, virtual worlds, navy robotics http://faculty.nps.edu/brutzman >
Received on Tuesday, 28 October 2014 04:55:17 UTC