W3C home > Mailing lists > Public > xml-encryption@w3.org > April 2001

RE: What's in a EncryptedKeys' CipherData?

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Fri, 06 Apr 2001 17:47:54 -0400
Message-Id: <4.3.2.7.2.20010406172956.027cfdf8@rpcp.mit.edu>
To: "Blair Dillaway" <blaird@microsoft.com>
Cc: <jimsch@exmsft.com>, "XML Encryption WG " <xml-encryption@w3.org>
At 14:23 4/6/2001 -0700, Blair Dillaway wrote:
>Well no.  Either you know the EncryptionMethod for the EncryptedKey
>implicitly
>or else it is provided by the EncryptionMethod element within the
>EncryptedKey element. EncryptionMethod information for an EncryptedData
>isn't relevant.

Yes it is. (I think). If I want to know of what type of data that raw octet 
set (when decrypted from within an EncryptedKey is), I have to go elsewhere.

I now realize were my confusion from this and NameKey is coming from.

If I have an EncryptedData that is relying upon and EncryptedKey, consider 
the symmetric key secured in that EncryptedKey. That set of octets has some 
properties.

(octets)
    --name--> NameKey element of the parent EncryptedKey
    --type--> EncryptionMethod of a referring EncryptedData

The tricky bit is when you look at the proposed structures, some of the 
elements/attributes (like KeyInfo) are used to convey information about that 
data object (EncryptedData and EncryptedKey) and others are used to convey 
information about a resource to which to they relate (but doesn't become 
revealed until they are processed.)


__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Friday, 6 April 2001 17:48:07 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT