Is anyone actually using XML Encryption and XML Signature?
I do a lot of freelance writing and editing, particularly of Java- and XML-related content. Recently, I was tech. editing a piece, over several articles, on XML Signatures and XML Encryption. The article was pretty well-written, technically accurate... and utterly boring.
So my question is, "Is someone actually using this stuff?" Being an editor and advocate of open source, I often live in a bit of a bubble. Since my time is generally spent trying to stay ahead of the curve, it's easy to actually lose sight of where the curve really is. In other words, sometimes we get writing and talking about what's coming, and it's hard to tell what people are actually using right now.
I find myself in that situation with some of this XML stuff... I mean, are people really sending massive datasets aross the wire in XML in the first place? I've sort of been preaching against this for several years, because except in the odd use-case here or there, XML is just verbose and wordy... it's cool for platform agnostic stuff, but in most intra-application systems, there's just no need for it as a communication format. And to go from that to actually encoding it in a secure form, also in XML, just strikes me as silly... but then again, I'm trying to be ahead of the curve, right?
So let's hear it... are you guys working in corporate offices really putting this stuff into production, or am I drowning in someone's theoretical nonsense?