Win a copy of Succeeding with AI this week in the Artificial Intelligence and Machine Learning forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
  • Junilu Lacar
Sheriffs:
  • Tim Cooke
  • Jeanne Boyarsky
  • Knute Snortum
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • salvin francis
  • fred rosenberger
  • Frits Walraven

XML signature

 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ranchers,
I was reading through the document about XML signature from the w3c site but I gave up cos some of the stuff were way over my head. I wish I could ask specific questions but before that I would like to get a general understanding of how XML signatures are applied. I would appreciate it if someone could explain the series of events that occur during the authentication of a user? using this technology.
Thanks in avance,
Srini
 
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well I Agree With You The W3C Recommendation has no head nor foot it goes over head for first time you need to go through it again and again.I think there is IBM's Tutorial not exactly tutorial but an article for security you can see link from previous mail of Shainshank Tanksali
See site
Developer Fusion
I think will help you and also see Java Ranch Links
 
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It is important to know how Signitures work, but more important to know what their application is. What can be signed? Who can be authenticated?
In a nutshell, signitures can be applied any document, or parts of a document, or external references to XML or other non-XML content. It is important that parts can be signed separately, so that as content is added it does not whack (technical term) the existing signiture.
The content itself is not signed. Rather, the content is converted into a smaller digest, which is then signed. The signiture can be internal to the document or external to the document or the signed resource can be contained in the signiture.
PK Encryption allows the receiver to authenticate the author, but of course the author has no way to authenticate the reciever, unless he/she signs it and sends it back.
 
I like you because you always keep good, crunchy cereal in your pantry. This tiny ad agrees:
Two software engineers solve most of the world's problems in one K&R sized book
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic