Slashdot Mirror

← Back to Stories (view on slashdot.org)

W3C Recommends XML Signature Syntax

Posted by michael on from the sealed-with-a-kiss dept.

__past__ writes: "The W3C released a recommendation on XML Signature Syntax and Processing. The interesting point is not only that this is quite an important step for secure XML processing (esp. with regarding to web services), but also because there are some possibly ugly patent issues."

8 of 110 comments (clear)

  1. W3C / XML brain damage by brenfern · · Score: 3, Insightful

    Yet another dull-as-dish recommendation from the W3C, not even a reference implementation to play with.

    Ever since they have gone XML-with-everything they have produced ineffectual standards that are not followed by anybody as they are a pain in the ass to implement. It is no wonder that M$ and Sun prefer to create de facto standards instead of waiting for these guys to actually do anything. The killer app is the way to create standards and it's been a dozen years since we've seen one from the W3.

  2. what made the web work by Alien54 · · Score: 4, Insightful
    with the progress towards XML, etc. the WWW is moving away from those things that made the explosion of the WWW possible. The inherent simplicity in HTML, as something you could get the basics of in a few days of mild effort, or in a morning, if you were ambitious, is disappearing.

    What I am nervous about is that with the advance towards the more sophisticated technologies, the earlier simpler technologies will be "obsoleted". This may have implications for the democracy of the web slowing going away because only experts can do what used to be an everyman task.

    --
    "It is a greater offense to steal men's labor, than their clothes"
    1. Re:what made the web work by NineNine · · Score: 5, Insightful

      Simplicity? XML is about as simple as you can get. XML is just straight text in tags similar to HTML. Of course, it's only go to do with data transfer, but XML is generally very simple. And for those people who don't know "data" from a hole in thr ground, there's no reason to use XML in the first place.

    2. Re:what made the web work by Anonymous Coward · · Score: 3, Insightful
      Let me disagree here. Sure the syntax is relatively simple - although even that could be dumbed down - but what it describes is kind-of complicated. XML describes a graph, but it does so with three kinds of edges. Subelement relationships let one define a tree, attribute relations are a different type of edge that can only be used at the end of the tree, and then one can introduce cycles with IDREFs.

      From a semi-structured data point of view, all that's needed is one type of edge, which would make things much easier to reason about.

      Ordering is another point of contention. Attributes are not ordered, but subelements are. Messy.

      The crux of the problem with XML is that it was invented by structured document folks (as a simplified successor to SGML) and then later latched on to by the database folks who realized that it looked like semi-structured data. The design is something that I don't think database folks would have come up with if they were the ones designing it

      Of course, all of the terrible committee-made standards that are being layered on top of it don't help, but I suppose that's not a complaint with the core of XML.

      cheers!

  3. Re:Screw Patents by lemonhed · · Score: 3, Insightful

    >Ignore the problem and it goes away!

    It surely wont go away. In fact, if you ignore the problem our federal govt will do what people that DO NOT ignore the problem suggest they do. The federal govt is currently debating this issue as we speak.

    The US is already conforming to the rest of the world on patent matters (e.g., publishing applications after 18 months). so if you want your voices to be heard.. contact congress.

    Here is a link on patent legislation in various countries and how the US interacts with them.

    Click here!!!

  4. XML is no longer simple by Carnage4Life · · Score: 5, Insightful
    Simplicity? XML is about as simple as you can get. XML is just straight text in tags similar to HTML. Of course, it's only go to do with data transfer, but XML is generally very simple. And for those people who don't know "data" from a hole in thr ground, there's no reason to use XML in the first place.

    In the good old days, XML was simple but this is no longer the case as the W3C has created more and more complex standards that seem to require a P.hD to understand.

    • Want to specify a structure for your XML? XML Schemas
    • Want to query XML? XQuery
    • Want to transform XML to some other format? XSLT
    • Want to use XML as a transfer format for RPC calls? SOAP.
    • Want to create links between XML documents? XPointer, XLink, and XML:Base are all needed.
    • Want to include XML files in each other? XInclude
    Many of the above standards are rather complex and difficult for most people to understand completely. This is besides the stuff one has to understand about XML infoset and XML namespaces to fully understand how to use XML properly.

    DISCLAIMER: The opinions in the above post are MINE ALONE and do not reflect the opinions, intentions or strategies of my employer.
  5. Re:scary by j7953 · · Score: 3, Insightful

    It's even more scary for me. I live in Germany, where digital signature are treated almost equally to normal signatures in many areas (the laws are based on European legislation, so other European Union member countries should have similar laws). Digital signatures aren't widely used yet, but I think you'll agree that such laws have lots of potential uses.

    I am, however, very worried about legally binding signatures being subject to patent issues. Signatures are commonly used to sign contracts of high legal importance, where at least one party wants to have written proof of the contract. Having digital signatures convered by patents will make free software implementations more difficult or even impossible, and the idea that signing a contract will be possible only in ways that the signees don't completely undestand and cannot fully control (because the implementation is proprietary) certainly doesn't sound like a good idea for a democracy.

    --
    Sig (appended to the end of comments I post, 54 chars)
  6. You have it backwards by fm6 · · Score: 3, Insightful
    All these complicated technologies actually show how simple XML remains. None of them does anything to "make XML more complicated". XML is just a specification for encoding information -- and that specification is still on version 1.0. If the XML designers did their job right, there never be an XML 2.0 or even an XML 1.1.

    The beauty of XML lies not just in its simplicity, but also its flexibility. Naturally people are using this flexibility to implement sophisticated applications -- and writing complicated descriptions of these applications. But none of these things makes XML itself more complex. You might as well say that RISC chips, such as PowerPC, stopped being simple when people started using them to emulate Pentiums!