- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 08 Jan 2001 15:33:53 -0500
- To: "Sanjeev Hirve" <shirve@cyberelan.com>
- Cc: "Philip Hallam-Baker" <pbaker@verisign.com>, <xml-encryption@w3.org>
At 15:11 1/8/2001 -0500, Sanjeev Hirve wrote: > >Case 2: > > Message B states only that it is in schema PQR which is the standard > schema for the application and incorporates the XML > > encryption schema. The node encryption was considered at the time the > schema was created. >In this case, the schema designer, primarily an business expert, must also >tale into account encryption requirements, sometimes there may be >conflicting design goals. This assumption could be fraught with >pitfalls. It may be better to keep security as "transparent" as possible. In general, this is the approach we took in xmldsig. We could not presume that schema authors would know about xml signature/encryption and design their schema accordingly. __ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Monday, 8 January 2001 15:34:03 UTC