Blog Home  Sign In RSS 2.0 Atom 1.0 CDF  

  def Softwaremaker() :
         return "William Tay", "<Challenging Conventions />"

  knownType_Serialize, about = Softwaremaker()
 

 Saturday, July 08, 2006

I cannot help but grin when I found out the next Crypto API (CAPI) - or termed - Crypto NextGen (CNG) and the suite it encompasses will be all included in Microsoft Windows Vista.

This article says it all. Elliptical Curves Cryptography (ECC) should definitely be there (and is) when the Base Smart Card Cryptographic Service Provider (Base CSP) is there as well.

It will be a long post to explain why the industry is adopting ECC and slowly adopting it and making it the cryptographic algorithm of choice. If you do understand the key concepts of prime factoring behind the concepts of Public-Private (or Asymmetric) Key Cryptography and the constraints of it moving forward into the future and the proliferation of mobile embedded devices, these 2 diagrams should suffice.

NIST_PubKeyCorreAESKey.gif

InverseDifficulty.gif

Doesnt that give you a hint of where we are going with computing processing power and where it may be next time ?

Saturday, July 08, 2006 6:13:10 AM (Malay Peninsula Standard Time, UTC+08:00)  #    Disclaimer 
  • Blog reactions

  •  Friday, July 07, 2006

    This popped into my inbox a while ago ...

    image_emailing_securetheweb_072006.jpg

    Contests like this are just great. Not only are you receiving money (if you win... Who cares, even if you dont, a digital mutation of your idea may still evolve to a sellable one), you are competing with the best to generate a innovative, marketable, secured and (hopefully) usable product. The byproduct derived from the entire process would be similar to a mini-version of an RFC. Bad and unsecured ones would have been shot down and the good ones could be made better with a few ingenious tweaks.

    Now only if I can find 25.5 hours in any given day ...

    Friday, July 07, 2006 6:45:38 AM (Malay Peninsula Standard Time, UTC+08:00)  #    Disclaimer 
  • Blog reactions

  • Blasphemy ...

    It is finally published. After many, many, and I mean, many months of paying the process tax for this piece, it is finally LIVE !

    I started this piece with the first ever March 2005 CTP of Windows Communication Foundation (WCF, previously - Indigo) and I went through so many port demos and edit document cycles its so unbelievably painful ...

    But it is really good to see this in online form and shape.

    I started with this idea even though MSFT Corp has explicity stated that it will not support any form of interoperability between WSE 2.0 and WCF, even though it is "theoretically possible to develop Web services using WSE 2.0 in such a way that they can interoperate with WSE 3.0 (and WCF) by using only a reduced set of specifications"

    More importantly, the main reason for the motivation to write such a piece is written in the article itself and I quote:

    [BEGIN QUOTE]


    ...WSE 2.0 has seen 3 service pack releases since its official launch in 2004. It implemented the OASIS Web Services Security 1.0 specification which was the widely accepted interoperability standard protocols between secured web services as well as the implementations of WS-Addressing, WS-SecureConversation and WS-Trust. It was integrated very nicely into Visual Studio 2003. Even BizTalk Server 2004 carries with it a WSE 2.0 adapter for securing of Web Services. Thus, it would be fair to assume that there is more than its fair share of implementations in the market today.

     

    Depending on timing, budget, complexity and a whole host of other requirements, some of these applications will need to be moved and migrated to WSE3.0 and some to WCF. Aaron Skonnard has provided a great resource in his “Service Station” column on MSDN on a brief overview on the migration of WSE 2.0 applications to WSE 3.0 ones. However, as stated in his article, there are some major changes in the programming model and architecture in WSE 3.0 and migrating them from WSE 2.0 may not be trivial.

    Another very important factor to take note is while WinFX, and therefore WCF, is available downstream from Windows Vista to Windows 2003 and Windows XP. That is as far down as it goes. There still exists a huge installed base of Windows 2000 Servers out there running on server and data farms and if you need to implement the advanced Web Services stacks on those servers, WSE is still a very important strategy you cannot ignore.

    As noted in the above guidelines, even though Microsoft will not guarantee interoperability between WSE 2.0 and WCF, the good news is that there are a few WSE 2.0 common scenarios, which can allow wire-interoperability with WCF. I will illustrate them in the next section...


    [END QUOTE]

     

    So, this article will outlined WHAT that reduced set of specifications are and HOW to go about using them.

    Many Special Thanks go to Kirill, the Interop PM on WCF, who gave me a couple of tips to get over the port-over humps I had thoughout this piece since last year. And of course, I cannot forget Clemens, who is the catalyst to making this publication happen when he came onboard.

    I hope this helps at least someone out there. Enjoy !

    Friday, July 07, 2006 6:11:57 AM (Malay Peninsula Standard Time, UTC+08:00)  #    Disclaimer 
  • Blog reactions