Slashdot Mirror

← Back to Stories (view on slashdot.org)

W3C Recommends XML Signature Syntax

Posted by michael on from the sealed-with-a-kiss dept.

__past__ writes: "The W3C released a recommendation on XML Signature Syntax and Processing. The interesting point is not only that this is quite an important step for secure XML processing (esp. with regarding to web services), but also because there are some possibly ugly patent issues."

3 of 110 comments (clear)

  1. scary by SirSlud · · Score: 4, Interesting

    Patents really have shifted from implementation to idea in the software world, it seems.

    And doesn't the W3C accept RAND licensed patents now a W3C endorsed standards? (I can't recall if that went through or not.)

    --
    "Old man yells at systemd"
  2. Conflict of interest? by bunyip · · Score: 5, Interesting

    So, as I understand it, a working group (WG) member creates a standard and then says, "Oh, hey, great standard guys, but now you're all going to have to pay me for it".

    Is this not a conflict of interest? Should the WG member be immediately voted off? Perhaps they should be tarred and feathered, run out of town on a rail?

    I prefer the latter approach, it may reduce the number of bogus patent claims.

    Alan.

  3. Digitial Signatures and XML = Good Thing... by soap.xml · · Score: 4, Interesting

    I would hope that the community and the possible "patent holders" allow for this to go forward. There really is a need for such a technology the XML/Web Services space.

    Having the ability to sign a document, or even a fragment of a document, allows for customers to "trust" that document and its contents. Sure https/ssl is a good way to "secure" the data during transit. But how can you be sure (currently) that the document I am sending you contains the proper information?

    Think of this in a b2b ecommerce setup. I can send you my pricing sheets, in xml format, you can be sure that they are really the proper pricing, and can be assured of the "current" availablity. In the same XML document, I can include reviews and any other pertanant infromation about a given product. Digitally signed and verified from a trusted third party source. My customers are now not worried that I am trying to push a product line by falsifing results, and I am providing them with content for there catalogs...

    To me, if it makes it through any "patent problems" this could be a very good thing ;)

    -ryan