
ISSUE-107: deprecate decryption transform?, see what you sign and workflow [v.next (Design for XML Signature V Next)]

From: XML Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Tue, 24 Feb 2009 21:33:33 +0000 (GMT)
To: public-xmlsec@w3.org
Message-Id: <20090224213333.69BD45F74F@stu.w3.org>


http://www.w3.org/2008/xmlsec/track/issues/107

Raised by: Ed Simon
On product: v.next (Design for XML Signature V Next)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0006.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0007.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0008.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/att-0009/00-part (Pratik)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0011.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0013.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0014.html

I struggle to find a scenario where all of the following hold:

1) use of the decryption transform is necessary 

2) it provides correct guarantees of authentication, privacy and secure operation in the presence of an adversary

3) it is more appropriate than specifying ordering explicitly with an XProc workflow, a protocol specification or as an implicit part of application logic

Of these, I'm most opinionated that (2) should not be neglected as a necessary condition of any feature proposed for inclusion in the 2.0 specs.

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0015.html
Received on Tuesday, 24 February 2009 21:33:41 GMT
