[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: two good points, Re: PKIXML session. Was: PKIX WGtentative agenda

To: Juergen Brauckmann <brauckmann@xxxxxxxxxxxxxx>
Subject: Re: two good points, Re: PKIXML session. Was: PKIX WGtentative agenda
From: Ed Gerck <egerck@xxxxxxx>
Date: Fri, 08 Dec 2000 10:48:52 -0800
Cc: ietf-pkix@xxxxxxx
References: <> <> <> <> <>

Juergen Brauckmann wrote:

> Ed Gerck wrote:
> > If XML encoded documents can be modified without changing the
> > document, then presenting one XML encoded document which has
> > a valid signature is enough to allow any number of documents equal
> > to that one to be verified -- irrespective of their XML encoded form.
> >
> > In other words, if F: X --> Y is a mapping between two sets X and Y
> > such that several different x in X have the same image y0 in Y, then presenting
> > a valid signature for one x0 is enough, together with a certified F, to certify all
> > other x that have the same image as the certified x0 mapped by the certified F,
> > which is y0.
>
> So we can have an F() which transforms any pattern "$10 " into a "$1000
> " for any given XML documents, so that a document verifies with $10 and
> with $1000? Yes, this sounds really useful for signed documents;-)
>
> Sorry, couldn't resist... .

I am glad you did not.  If you have a certified F() that transforms "$10" in US Dollars
to "$1000" in another currency, this might be really useful.  So, even though this
is not the case here (because we are talking about control codes, not values), it
could well be useful also for values.

The bottom line is that if F() is certified between two sets, that F() is useful to
connect a certified x0 in X to a y0 in Y which then becomes certified.

> > > >So, this is IMO good point #2 -- you can reduce a XML certificate size
> > > >*below* the
> > > >ASN.1 size.
> > The same happens with ASN.1, so both are tied for anything that is random.
> > But anything else can be compressed and presents a benefit for compressed
> > XML over ASN.1.
>
> You can compress your ASN.1 data too. "Compressed XML" is IMHO no
> standard or RFC, just like there is no "Compressed ASN.1". When you
> compress you DER certificates, they will be smaller than compressed XML
> structures.

Wait.  This is a general affirmation, and so it is probably false. But, please
prove it.

Cheers,

Ed Gerck

References:
- Re: PKIXML session. Was: PKIX WG tentative agenda
  - From: Tim Polk
- Re: PKIXML session. Was: PKIX WG tentative agenda
  - From: Tim Polk
- Re: two good points, Re: PKIXML session. Was: PKIX WG tentative agenda
  - From: Tim Polk
- Re: two good points, Re: PKIXML session. Was: PKIX WGtentative agenda
  - From: Ed Gerck
- Re: two good points, Re: PKIXML session. Was: PKIX WGtentative agenda
  - From: Juergen Brauckmann

Prev by Date: Re: tentative timeline for TSP (was Re: PKIX WG tentative agenda)
Next by Date: Re: PKIXML session. Was: PKIX WG tentative agenda
Previous by thread: Re: two good points, Re: PKIXML session. Was: PKIX WGtentative agenda
Next by thread: Re: PKIXML session. Was: PKIX WG tentative agenda
Index(es):
- Date
- Thread