W3C home > Mailing lists > Public > xml-encryption@w3.org > January 2001

Re: Attribute encryption

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Mon, 08 Jan 2001 15:33:53 -0500
Message-Id: <4.3.2.7.2.20010108153225.02c67b80@rpcp.mit.edu>
To: "Sanjeev Hirve" <shirve@cyberelan.com>
Cc: "Philip Hallam-Baker" <pbaker@verisign.com>, <xml-encryption@w3.org>
At 15:11 1/8/2001 -0500, Sanjeev Hirve wrote:
> >Case 2:
> >    Message B states only that it is in schema PQR which is the standard 
> schema for the application and incorporates the XML
> > encryption schema. The node encryption was considered at the time the 
> schema was created.
>In this case, the schema designer, primarily an business expert, must also 
>tale into account encryption requirements, sometimes there may be 
>conflicting design goals.  This assumption could be fraught with 
>pitfalls.  It may be better to keep security as "transparent" as possible.

In general, this is the approach we took in xmldsig. We could not presume 
that schema authors would know about xml signature/encryption and design 
their schema accordingly.

__
Joseph Reagle Jr.
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Monday, 8 January 2001 15:34:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT