|
 |
Sunday, November 03, 2002 |
|
IBM database cuts puts heat on Oracle. ZDNet - IBM said Thursday it would slash the price on the new version of its database for mid-size companies and simplify pricing on its updated high-end database.
Price war looms as IBM slashes database pricing CRM-Forum News
IBM to slash some database prices Forbes
[Google Technology News]
"The new price for Big Blue's entry-level DB2 Workgroup Server Unlimited Edition database will be $7,500 per processor, 46 percent lower than the $14,000 per processor price on the current version. That database--often used by companies with fewer than 1,000 employees--also is referred to as DB2 standard edition."
|
|
Thursday, October 24, 2002 |
|
OASIS group forms to tackle digital signature quagmire. Standard to let Web services verify digital signatures, prove authenticity
[InfoWorld: Top News]
|
|
Wednesday, October 23, 2002 |
|
IBM news:
IBM puts power in new "blade" server. Big Blue unveils a prototype of a new high-end, compact server that will include a version of its Power processor.
[CNET News.com]
Note to self: AIX is IBM's version of UNIX (not HP's version).
HP Itanium, formerly known as the Compaq Himalaya, formerly known as Tandem.
HP to double the processor count in Itanium servers. Attempting to fill technology gap
[InfoWorld: Top News]
|
|
Thursday, October 17, 2002 |
|
This is good to know before we test our new XML passwords on OS390. This also helps me answer the encoding question.
XML spec moves ahead despite gripes. The World Wide Web Consortium advances XML 1.1 amid complaints that it is breaking the specification's backwards-compatibility in order to benefit IBM....
...The revision of XML comes with a trio of changes to the specification's treatment of Unicode, an increasingly global standard for representing characters in computerized text.
Among the Unicode revisions is a change that will specifically benefit users of IBM's mainframe systems--and that has inspired complaints that IBM is exercising more than its fair share of influence on the XML working group....
...The IBM-specific problem that XML 1.1 aims to fix has to do with a special character that designates to IBM mainframe systems the end of a line of text. XML 1.0 chokes on that character, but version 1.1 would recognize it.
[CNET News.com]
|
|
Wednesday, October 16, 2002 |
|
Why Encode?
Yet another one of those questions I did not have an answer to. "Encoding? Why? Can't you just write it out in hex?"
That's entirely possible. I need to understand the consequences of failing to encode before I will know for sure. Jotting down xmlhack's index of encoding articles for tonight's reading.
More notes on encoding, from the exPat FAQ:
By default, expat assumes that documents are encoded in UTF-8. In UTF-8, ASCII characters are represented by a single byte as they would be in ASCII, but non-ASCII characters are represented by a sequence of two or more bytes all with the 8th bit set. The encoding most widely used for European languages is ISO 8859-1 which is not compatible with UTF-8. To use this encoding, expat must be told either by supplying an argument of "iso-8859-1" to XML_ParserCreate, or by starting the document with <?xml version="1.0" encoding="iso-8859-1"?>.
|
|
Monday, October 14, 2002 |
|
Java Xenc Framework
xmlenc 0.4 [freshmeat.net]
I may have posted this already. If so please excuse the repeats.
|
|
Sunday, October 13, 2002 |
|
XMLSec Library
Found XMLSec Library listed on <?xmlhack?>.
Along with providing the actual XML Security library files (C libraries) designed to be used by other applications, the distribution also includes a command-line tool, xmlsec, for signing and encrypting documents.
This could solve my cyptlib woes for the time being.
Howard Newton. "People forget how fast you did a job - but they remember how well you did it." [Motivational Quotes of the Day]
So I located, downloaded, and compiled cryptlib. No errors! Next I compiled testCryptLib. No errors! Next I ran testCryptLib. Errors. That's just great.
I could go ahead and write the code that calls cryptlib, then present my prototype with the disclaimer that cryptlib's self-test program currently fails, but when that is ironed out, here is how we will call it. Does that seem shifty? It's going to sound like "here is the program. It doesn't work, but it is done."
Looking at this another way, presenting the flawed prototype keeps the superiors apprised of the project status. I hope nobody panics when testCryptLib doesn't pass (yet).
Use Private Keys, no - Use Public Keys, no - ...
Jon Udell is opening a can of worms, I must not look...
I always knew there were ways to encrypt information and I accepted that. Then I was assigned the task of revamping our software licensing process. This required me to choose an encryption method. Choosing an encryption method required me to justify my selection against its alternatives. Justifying my selection required me to understand both my selection and the alternatives that I did not choose.
So I did some reading, and once I understood the difference between Private Key Encryption and Public Key Encryption, I changed my mind. Public Key Encryption surely seemed like the better choice.
If some rogue ex-employee were to take the private key and issue passwords for a discounted price, we could throw out the old key pair and replace it with two new keys. Because one of the keys of the pair is public, we could simply distribute it along with the encrypted information. No need to hard-code the private key in the software, right? No need to require customers to reinstall existing software, right? No need to maintain legacy password generation programs, right? (Anyone who has done this before, please comment...please throw me a clue...)
Yes, I thought I finally had gotten it. Public Key Encryption provides more convenience, more security, more robustness than Private Key Encryption.
I am trying to resist looking at Jon Udell's post. He is questioning his long-held assumption that Public Keys were the way to go.
Remind me why I need a public key. Dick Hardt, founder and now CTO of ActiveState, was prowling around the digital ID conference asking a deceptively simple question: "Why do I need a key pair?" ...
[Jon's Radio]
