W3C home > Mailing lists > Public > xml-encryption@w3.org > January 2001

RE: Attribute encryption

From: Steve Wiley <steve@myProof.com>
Date: Wed, 10 Jan 2001 11:45:44 -0800
Message-Id: <4.3.2.7.2.20010110112252.00aa8ab0@myProof.com>
To: Blair Dillaway <blaird@microsoft.com>, "'Sanjeev Hirve'" <shirve@cyberelan.com>, Ed Simon <ed.simon@entrust.com>, xml-encryption@w3.org
Cc: Michael Sakhatsky <msakhatsky@cyberelan.com>, Raju Nadakaduty <praju@cyberelan.com>, Marcus A Cuda <mcuda@cyberelan.com>
At 11:11 AM 1/9/2001 -0800, Blair Dillaway wrote:
>Ed Simon's earlier email stated quite clearly the issue of complexity 
>versus value many of us are wrestling with. I have yet to see a compelling 
>example that justifies the complexity and tend to agree with Philip H.'s 
>earlier comments that "the set of all XML applications that require 
>encryption to be added under the constraint of inflexible adherence to a 
>legacy schema is the empty set."

This seems like a pretty bold statement to make, and it contradicts my 
experience. There are companies that started using XML fairly early and 
many of the applications that were developed were not upwardly 
compatible.  The problems we are have had is not with attributes but with 
encrypting element content.  Inserting new elements into what is expected 
to be only CDATA is the main problem that I have seen (especially for DOM 
parsers). We cannot tell a paying customer to redesign their legacy 
applications and XML vocabularies.

Steve Wiley
Received on Wednesday, 10 January 2001 14:43:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT