[xmlsec] another newbie question

Aleksey Sanin aleksey at aleksey.com
Sun Mar 14 16:07:37 PST 2004


Your question puts me in a very strange position when I am not sure
that my answer will not make things worse. From your signature I understand
that you work for a very well known company that has a lot of very 
sensitive information. And I also guess that you are not doing some 
research stuff there but a real system that will be used by someone.
I don't believe that one who knows almost nothing about cryptography and 
security can design and implement a secure system. My answer today will 
not explain all the details and issues that you will need to know. 
It'll only make a false feeling that you know everything. As the result, 
you'll make a mistake somewhere and tomorrow some hacker will use it to 
get on magazines front pages. 

Please, go and read some books about cryptography. Personally I would 
recommend these two:


but there are other good titles as well. And if you never did security 
related work before, you best option would be to find someone with
experience and watch how and what is s/he will do.

Sorry for not answering your question,

More information about the xmlsec mailing list