Firewall Wizards mailing list archives
Re: XML tag encryption?
From: Eric Rescorla <ekr () rtfm com>
Date: 05 Jun 2002 17:57:50 -0700
"Steven M. Bellovin" <smb () research att com> writes:
Apart from the fact that most developers will pick such tags -- and the fact that an enemy could launch a known plaintext attack to figure out what fields are what, in your specific example I should point out that credit card numbers are self-checking and thus easily recognizable.
A friend of mine talked to these guys at XML One and reports that actually they're encrypting elements, not just tags--though you wouldn't know it from the article. -Ekr -- [Eric Rescorla ekr () rtfm com] http://www.rtfm.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- XML tag encryption? Roger Marquis (Jun 01)
- Re: XML tag encryption? Darren Reed (Jun 05)
- <Possible follow-ups>
- RE: XML tag encryption? Scott, Richard (Jun 04)
- Re: XML tag encryption? Rama Kant (Jun 04)
- Re: XML tag encryption? Marcus J. Ranum (Jun 05)
- Message not available
- Message not available
- Message not available
- Re: XML tag encryption? Rama Kant (Jun 05)
- Re: XML tag encryption? Eric Rescorla (Jun 07)