Firewall Wizards mailing list archives
Re: XML tag encryption?
From: miha () nil si
Date: Thu, 6 Jun 2002 08:50:35 +0200
Darren,
It allows you to exchange data with something else through another something that analyses the network traffic created as a result of the exchange without giving away the true meaning of the data.
All this will achieve, is protect your data from 10 year olds. But then again, 10 year olds are usually not the ones after your sensitive data. It's more or less like sending your e-mail in some other language than English. All that is needed is a bit of time and effort, and your "sensitive" information is just as obvious as it was before the "scrambling".
If I give you a spreadsheet of figures in XML, what any of those figures mean is lost if you scramble the column names and other random text tags, right ?
Wrong: - If you're financial institution, I will have a pretty good idea. - If you are some sort of science lab, I will have a pretty good idea. - If you are educational institution, I will have a pretty good idea. ... and so on
One example I can think of is if you wanted to scan XML content for viruses/worms without a complete compromise of the data, this might allow for that.
If you are sending some sensitive information, you do not care about virus scanners, you want it to come to the recipient intact. If it is not sensitive, well, why bother with the scrambled tags. Miha Vitorovic _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- XML tag encryption? Roger Marquis (Jun 01)
- Re: XML tag encryption? Darren Reed (Jun 05)
- <Possible follow-ups>
- RE: XML tag encryption? Scott, Richard (Jun 04)
- Re: XML tag encryption? Rama Kant (Jun 04)
- Re: XML tag encryption? Marcus J. Ranum (Jun 05)
- Message not available
- Message not available
- Message not available
- Re: XML tag encryption? Rama Kant (Jun 05)
- Re: XML tag encryption? Eric Rescorla (Jun 07)