W3C home > Mailing lists > Public > xml-dist-app@w3.org > January 2002

Re: Encryption and the processing model

From: Mark Baker <distobj@acm.org>
Date: Fri, 11 Jan 2002 09:25:43 -0500 (EST)
Message-Id: <200201111425.JAA02087@markbaker.ca>
To: rsalz@zolera.com (Rich Salz)
Cc: david.orchard@bea.com (David Orchard), xml-dist-app@w3.org
> > > I'm thinking that we need to require that the root element of each
> > > header block be unencrypted.  In other words, the header "name"
> > > and qualifiers (actor, mustUnderstand) MUST be visible.
> 
> I think that's too limiting. For example, a SET-like protocol where I
> encrypt my bank header such that your bank can see it, but you can't.
> 
> I'd rather see us solve the problem in the documentation.

I don't believe my suggestion prevents what you describe, as long as
you're not trying to hide the existence of the header, just its
value/content.

I'm also not very familiar with SET, so I don't know whether it has a
processing model that places visibility requirements on header names
and qualifiers, as SOAP does.

MB
-- 
Mark Baker, Chief Science Officer, Planetfred, Inc.
Ottawa, Ontario, CANADA.      mbaker@planetfred.com
http://www.markbaker.ca   http://www.planetfred.com
Received on Friday, 11 January 2002 09:24:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:05 GMT