W3C home > Mailing lists > Public > public-xmlsec@w3.org > December 2009

RE: Review of XML Encryption / EXI integration (ACTION-493)

From: Scott Cantor <cantor.2@osu.edu>
Date: Mon, 14 Dec 2009 14:33:03 -0500
To: "'Thomas Roessler'" <tlr@w3.org>, "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Cc: "'Carine Bournez'" <carine@w3.org>
Message-ID: <008201ca7cf4$40c04f90$c240eeb0$@2@osu.edu>
Thomas Roessler wrote on 2009-12-07:
> Note that the schema type of CipherValue is base64binary, therefore it
would
> seem superfluous to normatively mention a separate base64 encoding step in
> the processing model; in fact, having an explicit base64 encoding step
could
> be read to indicate *double* encoding.

I don't think it's generally been the case that people read the schema type
to determine how to encode their data, or that people have inferred double
encoding in such cases, so I wouldn't go changing that piece.

> We should again say, additionally, that the intended processing model is
> to replace an EncryptedData element that holds "element" or "content"
> cleartext with that cleartext; I wonder whether we need to say anything
> special about EXI.

If I understood your earlier comments, I think you're suggesting that it's
mixing some fairly non-normative aspects of how to treat
encryption/decryption in the context of an application scenario with the
normative rules.

There probably should be a separate section that talks about the application
issues, among which might be the well known problem with encrypting
non-well-formed XML so that it's no longer always parsable when you decrypt
it.

-- Scott
Received on Monday, 14 December 2009 19:33:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 14 December 2009 19:33:39 GMT