[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: TRP Error Handling Spec Draft
Daniel, Good point, we should absolutely support XML Dsig standards as well. The proposed list of supported crypto for ebXML now includes: - XML Dsig - PGP/OpenPGP (a.k.a. GPG) - S/MIME (I recommend Version 3.0, it is the IETF Proposed Standard) Is that all of them? Dick Brooks Group 8760 110 12th Street North Birmingham, AL 35203 dick@8760.com 205-250-8053 Fax: 205-250-8057 http://www.8760.com/ InsideAgent - Empowering e-commerce solutions > -----Original Message----- > From: Daniel Ling [mailto:dan@vcheq.com] > Sent: Monday, September 11, 2000 1:21 PM > To: Dick Brooks; Christopher Ferris; Burdett, David > Cc: ebXML Transport (E-mail) > Subject: Re: TRP Error Handling Spec Draft > > > Hi Dick, > I'd highly recommend we look at > http://www.ietf.org/rfc/rfc2803.txt RFC for DOM Hash as it gives concise > method of an interoperable > hashing for documents which we might transport. > > An interesting movement to take note of is the XML DSig > forum in the > W3C working group, more information can be had at > http://www.w3.org/Signature/ and there's a reference implementation at > Alphaworks http://www.alphaworks.ibm.com/tech/xmlsecuritysuite which is > definitely worth looking at. No need to reinvent the spokes of the wheel > here. Do tell me what you think. > > Regards, > Daniel Ling > Technical Architect > VCHEQ > PGP Key ID : 0122020A > PGP Fingerprint : 37B4 E1ED 2840 6EA7 917C 7D84 6608 0EED 0122 020A > WEB: www.vcheq.com > DID: 65-8258225 > FAX: 65-5365082 > > CONFIDENTIALITY CAUTION : This message is intended only for the use of the > individual or entity to whom it is addressed and contains > information that > is privileged and confidential. If you, the reader of this > message, are not > the intended recipient, you should not disseminate, distribute or > copy this > communication. If you have received this communication in error, please > notify us immediately by return email and delete the original > message. Thank > you. > ----- Original Message ----- > From: "Dick Brooks" <dick@8760.com> > To: "Christopher Ferris" <chris.ferris@east.sun.com>; "Burdett, David" > <david.burdett@commerceone.com> > Cc: "ebXML Transport (E-mail)" <ebxml-transport@lists.ebxml.org> > Sent: Thursday, September 07, 2000 11:17 PM > Subject: RE: TRP Error Handling Spec Draft > > > Just a couple of points regarding digital signatures: > > - Some industry groups require digital signatures (both PGP and S/MIME) on > documents, it is imperative that they be fully supported in ebXML. > - A DoS attack can occur if there are no access controls on the E-Commerce > server (SMTP for example). > - A DoS attack involving crypto functions is less likely when access > controls are in place > > Dick Brooks > Group 8760 > 110 12th Street North > Birmingham, AL 35203 > dick@8760.com > 205-250-8053 > Fax: 205-250-8057 > http://www.8760.com/ > > InsideAgent - Empowering e-commerce solutions > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC