shesafish

| Home | Outline | Stylesheet insipired by CSS Colouring Book | Referrers
day-level permalink  Sunday, October 13, 2002

permalink XMLSec Library

Found XMLSec Library listed on <?xmlhack?>.

Along with providing the actual XML Security library files (C libraries) designed to be used by other applications, the distribution also includes a command-line tool, xmlsec, for signing and encrypting documents.

This could solve my cyptlib woes for the time being.

5:38:22 PM  comment [] | Topics: Cryptography XML 

permalink Radio Template Macro Checklist

This template reconstruction process is more difficult than you would think. Apparently others are going through the same struggle that I am. I just rediscovered this resource which I have overlooked because the title threw me off - thanks to Dog Newsie for pointing it out.

How to Create a Theme is a good resource for people reconstructing their templates. Even if you have no interest in creating a theme for others to use, this tutorial provides a useful checklist for home template, item template, desktop homepage template macros to include.

5:15:35 PM  comment [] | Topics: CSS 

permalink 

Howard Newton. "People forget how fast you did a job - but they remember how well you did it." [Motivational Quotes of the Day]

So I located, downloaded, and compiled cryptlib. No errors! Next I compiled testCryptLib. No errors! Next I ran testCryptLib. Errors. That's just great.

I could go ahead and write the code that calls cryptlib, then present my prototype with the disclaimer that cryptlib's self-test program currently fails, but when that is ironed out, here is how we will call it. Does that seem shifty? It's going to sound like "here is the program. It doesn't work, but it is done."

Looking at this another way, presenting the flawed prototype keeps the superiors apprised of the project status. I hope nobody panics when testCryptLib doesn't pass (yet).

3:24:28 PM  comment [] | Topics: Cryptography XML 

permalink I should have kept my mouth shut.

I should probably explain a previous post. No mockery took place, if it was interpreted that way I apologize. It is a relief to witness productive prolific webloggers experience writer's block. Witnessing inhibitions in others often diminishes them within ourselves, that's all.

If you don't believe me, see this. Also see this. I should have kept my mouth shut.

It's tricky?. I think my Blogging is Difficult post was a little corny, overdone, and maybe gave people the wrong impressions....

I'll stop the meta-blogging/navel-gazing now and return you to my normal disjointed ramblings. That is what I promised and that is what I will deliver.

[Blogging Roller]

2:32:17 PM  comment [] | Topics: Writing 

permalink Use Private Keys, no - Use Public Keys, no - ...

Jon Udell is opening a can of worms, I must not look...

I always knew there were ways to encrypt information and I accepted that. Then I was assigned the task of revamping our software licensing process. This required me to choose an encryption method. Choosing an encryption method required me to justify my selection against its alternatives. Justifying my selection required me to understand both my selection and the alternatives that I did not choose.

So I did some reading, and once I understood the difference between Private Key Encryption and Public Key Encryption, I changed my mind. Public Key Encryption surely seemed like the better choice.

If some rogue ex-employee were to take the private key and issue passwords for a discounted price, we could throw out the old key pair and replace it with two new keys. Because one of the keys of the pair is public, we could simply distribute it along with the encrypted information. No need to hard-code the private key in the software, right? No need to require customers to reinstall existing software, right? No need to maintain legacy password generation programs, right? (Anyone who has done this before, please comment...please throw me a clue...)

Yes, I thought I finally had gotten it. Public Key Encryption provides more convenience, more security, more robustness than Private Key Encryption.

I am trying to resist looking at Jon Udell's post. He is questioning his long-held assumption that Public Keys were the way to go.

Remind me why I need a public key. Dick Hardt, founder and now CTO of ActiveState, was prowling around the digital ID conference asking a deceptively simple question: "Why do I need a key pair?" ...
[Jon's Radio]

2:05:29 PM  comment [] | Topics: Cryptography XML