Re: Encryption and the processing model

> Well, I think we've been implicitly proceeding assuming that this
> information is visible.

I don't have a great problem, but it should be made explicit.  :)

> Would you mind filling out that example a bit, i.e. what would an
> example header name and value be?

It's typical four-corner model used by the financial services industry. 
I send a transaction to you, with <nacha:clearinghouse
actor="aba:123415"> as a header element, indicating the ABA banking
number to identify my bank as the organization that will clear the
transaction.  I don't want you to know who my bank is.  You get the
transaction, pass it along to YOUR bank, who can/must know my bank, to
contact them.

This is a bit contrivied -- it would probably be nested transactions
with internal encrypted content -- but is the only sample I could think
of off the top of my head.
	/r$

-- 
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com

Received on Monday, 14 January 2002 10:33:11 UTC