axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dennis Sosnoski <...@sosnoski.com>
Subject Re: WSDL with attachments
Date Fri, 29 Jul 2005 16:40:49 GMT
These are complex topics that are straying away from Axis issues, since 
WS-Security is a given that we all need to work with. I'll just point 
out, though, that XML Canonicalization is only required because of the 
decision to base XML Signature on the *text* of the document, rather 
than the *content* of the document. It would have allowed for much more 
efficient implementation if Signature had been based on the Infoset, for 
instance. As it is, the reliance on the particular sequence of 
characters in the text format has repeatedly caused problems in Axis due 
to issues such as namespace prefixes which have absolutely nothing to do 
with the content of the document.

  - Dennis

Anne Thomas Manes wrote:

>I agree with you that the XML gateway appliance vendors will benefit
>from widespread adoption of WS-Security. <grin>
>
>I'm not an expert in security, although I do know enough to know that
>it's a remarkably complex topic. The security gods have reached the
>conclusion that the best way to ensure end-to-end security and to
>reduce security vulnerabilities when dealing with attachments is to
>make them part of the SOAP message infoset. The documents I cited can
>tell you why -- but you need a pretty deep understanding of security
>threats and countermeasures to truly understand them. (I'm definitely
>on shaky ground when reading them.)
>
>XML Signature requires XML Canonicalization because you absolutely
>need to make sure that not one bit in the message changes to replicate
>and validate a signature. That's just the way it is. The message may
>get compressed or chunked or whatever in transit, so you have to be
>able to reconstruct it exactly. Only canonicalization can ensure
>perfect reconstruction.
>
>Anne 
>
>On 7/28/05, Dennis Sosnoski <dms@sosnoski.com> wrote:
>  
>
>>Thanks for the pointers, Anne, I'll check out the documents.
>>
>>As to the issue of attachments not being part of the Infoset - honestly,
>>that seems a much cleaner approach to me than making them look like
>>base64 encoding, as done by MTOM. WS-Security (which in turn builds on
>>XML Signature, which uses XML Canonicalization) is one of the most Rube
>>Goldberg-ish contraptions in the history of technology. It's the
>>equivalent of writing your data out in longhand on a whiteboard, taking
>>a Polaroid of the whiteboard, signing that, and enclosing it with the
>>transmission. The main beneficiaries of WS-Security would seem to be the
>>manufacturers of XML appliances, which suddenly have a huge potential
>>market.
>>
>>IMHO there's no reason why WS-Security couldn't have been designed with
>>attachments in mind, and implemented the sensible approach of just
>>encrypting or signing the binary format directly.
>>
>>  - Dennis
>>

Mime
View raw message