My recent GSS-SAML musings lead me to think about the relation of security, applications and platforms. My firm belief until recently was that security should be handled low in the stack: in the network protocol layer, the operating system, etc.…
Category: Security
Please find the PDF slide deck for my presentation at XML 2005 here: XML 2005 – Using SAML for Platform Security The paper for this talk will be – as far as I understand – available for public download some…
Now, here is an interesting talking point: XML Encryption (XMLEnc) is bad. “Why?”, you might ask. Well, in their lack of infinite wisdom, the XML encryption community left out a very important concept: Authenticated Encryption, i.e. combining signatures and encryption…