RE: Security from Clemens F. Vasters on 2001-03-15 (xml-dist-app@w3.org from March 2001)

From: Clemens F. Vasters <clemensv@newtelligence.com>
Date: Fri, 16 Mar 2001 00:13:00 +0100
To: "Joseph Ashwood" <jashwood@arcot.com>, <xml-dist-app@w3.org>
Message-ID: <2464EE65E1A8E248A9AEE64007F871030799B6@DEEPSPACE.newtelligence.com>

Hi Joseph,
 
pardon me for jumping in out of the void (since I am really only
watching this list), and I am really only responding to this particular
message from you, so I may be entirely off the mark here:
 
I think that what Satoshi Hada and Hiroshi Maruyama from IBM Research in
Tokyo are working on (and has partly submitted to the W3C) by using PKI
signatures and PKI based encryption through SOAP header extensions
sounds like a good solution for both authentication and privacy with
protocols that are loosely coupled or essentially one-way and will not
allow negotiation. (Applies to both, RPC and messaging)
 
( http://www.trl.ibm.com/projects/xml/soap/wp/wp.html)
 
I understand that mandating PKI for XML protocol authentication may not
meet the "simplicity" requirements, but when we're talking security for
scenarios where you have no immediate connection between sender and
recipient (this is also true for intermediate hops on synchronous
links), I don't see any better way than using certificates to guarantee
authenticity of messages. When you take that road, privacy protection
comes more or less automatically with it.
 
Regards,
Clemens
 
 

 -----Original Message----- 
 From: Joseph Ashwood 
 Sent: Thu 3/15/2001 11:31 PM 
 To: xml-dist-app@w3.org 
 Cc: 
 Subject: Security
 
 

 This conversation pretty much started on the SOAP list but I
think it's far
 more applicable here.
 
 To give a quick summary of what has happened so far:
 There are no encryption/integrity methods that are really
suitable for
 remote procedure calls. So it has been suggested that progress
be made in
 that direction. This stems from a requirement for burst-type
communications
 (commonly done over SMTP for SOAP), where negotiations are
difficult.
 
 I was going to look into this some but I'm not sure what
requirements people
 are likely to have. Do you want enough rope to be able to hang
yourself very
 thoroughly? Or do you want strong guidelines that will limit
diversity, but
 give you only solutions that are strong?
 
 What suitable compromises do you want to see? Do you want only a
small
 number of ciphers , MAC, etc, that are secure and freely
available? or do
 you want to be able to put your own prefered ciphers to use with
minimal
 trouble?
 
 Any input would be greatly appreciated.
                 Joe

Received on Thursday, 15 March 2001 18:15:00 UTC