Re: XML tag encryption?

[miha () nil si]

Darren,

> It allows you to exchange data with something else through another
> something that analyses the network traffic created as a result of
> the exchange without giving away the true meaning of the data.

All this will achieve, is protect your data from 10 year olds. But then 
again, 10 year olds are usually not the ones after your sensitive data.

It's more or less like sending your e-mail in some other language than 
English. All that is needed is a bit of time and effort, and your 
"sensitive" information is just as obvious as it was before the 
"scrambling".

> If I give you a spreadsheet of figures in XML, what any of those
> figures mean is lost if you scramble the column names and other
> random text tags, right ?

Wrong:
- If you're financial institution, I will have a pretty good idea.
- If you are some sort of science lab, I will have a pretty good idea.
- If you are educational institution, I will have a pretty good idea.
... and so on

> One example I can think of is if you wanted to scan XML content for
> viruses/worms without a complete compromise of the data, this might
> allow for that.

If you are sending some sensitive information, you do not care about virus 
scanners, you want it to come to the recipient intact. If it is not 
sensitive, well, why bother with the scrambled tags.

Miha Vitorovic
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards