- From: Ed Simon <edsimon@xmlsec.com>
- Date: Mon, 25 Feb 2002 21:30:13 -0500
- To: <www-xkms@w3.org>
Alex wrote > 1) Because its not possible (and perhaps impossible) to support a general > purpose XML parser and more importantly a full XML dsig implementation on > constrained devices, it would be necessary to create a dsig profile for XKMS > messaging. For example, is full XPath support necessary? Individual protocols can certainly decide not to use XPath or other features of XML Signature; indeed the XML Signature schema specifically allows great flexibility in subclassing. However, all protocols, no matter how they subclass XML Signature, must however ensure they are using XML Signature in a secure and sufficiently interoperable manner. I'm interested in the question about determining what degree of XML processing will be available on "constrained" devices. I'm not knowledgeable enough in this area but it seems to me that there are so many XML technologies that will be desired on such devices (eg. SVG, Web services,...) that it would make sense (even in a constrained environment) to have a reasonably adequate level of generic XML processing available. > 2) The size of a signed XKMS message is to large, leading to bandwidth > issues. For example, a typical signed XKMS Validate response can run about > 2.5K. On some networks this would cost the user between 7 and 10 cents! > (Data from a major European operator) This seems to have been the major > issue with the vendors and caused them to stick to their smaller proprietary > structures and to consider ASN.1 based protocols such as OCSP for validation > instead of going with XKMS. Again, I'm no expert in wireless but 4cents per kilobyte sounds strange to me as a design parameter. I thought 3G wireless was good for say, at least 10 kB/second. Does that mean on 3G, I'd be spending 40 cents/second, $24/minute!, on a 3G network!!! Ed
Received on Monday, 25 February 2002 21:31:02 UTC