Re: Updated (v2) proposed XML Encryption 1.1 changes related to OAEP

From: Cantor, Scott <cantor.2@osu.edu>
Date: Fri, 7 Oct 2011 16:44:49 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, Magnus Nystrom <mnystrom@microsoft.com>
CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <CAB4A3F0.16D06%cantor.2@osu.edu>

On 10/7/11 8:35 AM, "Frederick.Hirsch@nokia.com"
<Frederick.Hirsch@nokia.com> wrote:
>Note that this is not the 1.1 schema but the 1.0 schema. However, this
>seems appropriate and as the new attribute is optional should not hurt
>existing implementations.

Ordinarily, no, you can't do this. The only caveat that might make it ok
here is that the Algorithm is new. A 1.0 implementation wouldn't handle
the algorithm, so you're moving a failure from one layer to another.

That said, this is generally just not done. There are assumptions built
into the whole house of cards of XSD-aware software, and it just doesn't
fly.

There's a simple fix, just use an element. EncryptionMethod has a wildcard
in it, it's just not an attribute wildcard.

<xenc11:MGF Algorithm="..."/>

-- Scott
Received on Friday, 7 October 2011 16:45:11 GMT
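
Added example, not part of the original message and not code from the working group: a simplified Python model of the XML Encryption 1.0 EncryptionMethodType content model (only the Algorithm attribute is declared; children are optional KeySize and OAEPparams followed by an element wildcard for other namespaces). It shows why a schema-validating consumer rejects a new attribute but accepts a child element such as xenc11:MGF. The attribute name `MGF` and the `urn:example:` Algorithm values are constructed placeholders.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"    # XML Encryption 1.0 namespace
XENC11 = "http://www.w3.org/2009/xmlenc11#"   # XML Encryption 1.1 namespace

def namespace_of(tag):
    # ElementTree writes qualified names as "{namespace}local".
    return tag[1:].split("}", 1)[0] if tag.startswith("{") else ""

def check_encryption_method(xml_text):
    """List violations of the (simplified) 1.0 EncryptionMethodType model."""
    el = ET.fromstring(xml_text)
    problems = []
    # Only Algorithm is declared; the type has no attribute wildcard.
    if "Algorithm" not in el.attrib:
        problems.append("missing required attribute Algorithm")
    for name in el.attrib:
        if name != "Algorithm":
            problems.append("undeclared attribute " + name)
    # Children: KeySize?, OAEPparams?, then any number of elements from
    # namespaces other than the 1.0 target namespace (the element wildcard).
    declared = ["{%s}KeySize" % XENC, "{%s}OAEPparams" % XENC]
    pos = 0
    for child in el:
        ns = namespace_of(child.tag)
        if ns == XENC:
            if child.tag in declared[pos:]:
                pos = declared.index(child.tag) + 1
            else:
                problems.append("unexpected element " + child.tag)
        elif ns == "":
            problems.append("unqualified element " + child.tag)
        else:
            pos = len(declared)   # wildcard reached; no xenc children may follow
    return problems

# Constructed sample: the new parameter carried as an attribute (hypothetical name).
ATTRIBUTE_FORM = ('<xenc:EncryptionMethod xmlns:xenc="%s" '
                  'Algorithm="urn:example:oaep" MGF="urn:example:mgf"/>' % XENC)
# Constructed sample: the new parameter carried as a child element, as in the message.
ELEMENT_FORM = ('<xenc:EncryptionMethod xmlns:xenc="%s" xmlns:xenc11="%s" '
                'Algorithm="urn:example:oaep">'
                '<xenc11:MGF Algorithm="urn:example:mgf"/>'
                '</xenc:EncryptionMethod>' % (XENC, XENC11))

if __name__ == "__main__":
    print("attribute form:", check_encryption_method(ATTRIBUTE_FORM))
    print("element form:  ", check_encryption_method(ELEMENT_FORM))
```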