[Cryptography] multi-key encryption of "meta" data
Phillip Hallam-Baker
phill at hallambaker.com
Thu Jul 17 08:42:58 EDT 2014
On Thu, Jul 17, 2014 at 12:25 AM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> Phillip Hallam-Baker <phill at hallambaker.com> writes:
>
>>Actually it was IBM and Microsoft who wanted to sell lots of high priced
>>consultancy that was the problem with WS-*
>
> I can't speak for MS, but I know that the implementation folks at IBM weren't
> thrilled with the mess that it turned into either. Hypothesising evil vendor
> conspiracies is always popular, but in this case I think it was just a
> standard result of design-by-committee [0].
Actually there was one main architect. The mistake I made was probably
to avoid kibitzing everything lest a design-by-committee result occur.
The big problems were over-modularization of the architecture and the
over-complexity of XML. XML is a document markup format and makes a
lousy data encoding. The problem is that every different WS-*
application can make its own set of choices. Since WS-* is
infrastructure it can't impose anything.
SOAP was really designed to replace DCOM which is already a
complicated mess. So you have XML which is overly complex, COM which
is a mess and a complicated architecture, what could go wrong?
But the other problem is that a lot of the specs are not really fully
specified as far as requirements go. They are like subroutine
libraries without the architectural document.
More information about the cryptography
mailing list