[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [emergency] SBE Viewpoint
-------- Original Message --------
Subject: RE: [emergency] SBE Viewpoint
From: "Ron Lake" <rlake@galdosinc.com>
Date: Mon, February 15, 2010 4:48 pm
To: "Lee Tincher" <ltincher@evotecinc.com>, <rexb@starbourne.com>,
"David E. Ellis" <dellis@sandia.gov>
Cc: "Gary Timm" <gtimm@journalbroadcastgroup.com>,
<emergency@lists.oasis-open.org>, "Oien, Chuck" <ctoien@sandia.gov>,
"Sanzero, George" <gsanzer@sandia.gov>, "Ammerlahn, Heidi"
<hrammer@sandia.gov>
Hi,
I would also expect that one can do this using existing specifications
for messaging such as XML Signatures (W3C) (as part of the solution).
In XML Signatures, one mulches the message being sent using an
appropriate mulching or digestion algorithm (analogous to computing a
CRC) and gets an encrypted string (containing also the sender's
credentials)) that is sent with the message. The receiver uses the
encrypted string to run the received message through the same mulching
algorithm and compares the result with the received string. If they
match, the content MUST have come from the indicated sender (they cannot
deny it) and it must have not been tampered with.
For a better description of this see
http://java.sun.com/developer/technicalArticles/xml/dig_signatures/
The main point is that it has nothing to do with the content of the
message.
R
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]