XML Encryption questions

I have questions/comments about XML encryption, regarding the draft
XML Encryption Syntax and Processing, Version 1.0 15-December-2000.

1) Is the Initialization Vector (IV) in the Algorithm namespace? (Section 5.2)
Is that what the s0 namespace is implying? Shouldn't the example read:
<s0:IV xmlns:s0='urn:nist-gov:aes-128-cbc'>ABCD</s0:IV>

I'm not sure what I am missing, but an arbitrary namespace does not seem
correct.

2) Section 2.5 on invalid nesting is still unclear to me. Are not the
constraints implied in this section addressed by the schema definitions of
EncryptedKey and EncryptedData in section 3.1? I'm not sure why one would want
to define the EncryptedData element recursively.

On the other hand, one would want to be able to encrypt elements which have
already been encrypted, but from the discussion on this list that is allowed.

3) Is the motivation for a DataReference in an EncryptedKey EncryptionMethod
element to allow a processing optimization for decryption of all the encrypted
elements for that key?

4) If it is necessary to hide the content type (e.g. in the video example in
section 5.8) then would the correct alternative be to encrypt the entire video
element rather than just the referenced content?

5) Why not call the NameKey attribute "KeyName" in the EncryptedKey element?
KeyName would be consistent with the KeyName element in the EncryptedData
element.

thanks

< Frederick

Received on Monday, 22 January 2001 15:46:20 UTC
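Questions 2 and 4 above both turn on encryption granularity: encrypting only an element's content leaves its name and attributes (and so its type) in the clear, encrypting the whole element hides them, and an already encrypted element can itself be wrapped again. The following is an added example written for this archive page, not code from the draft, the working group, or the poster. It builds EncryptedData elements under a hypothetical namespace (urn:example:xmlenc), puts the IV under EncryptionMethod in the algorithm's own namespace as question 1 proposes (an assumption, not the draft's layout), and uses an HMAC-SHA256 keystream as a stand-in for aes-128-cbc only because the Python standard library has no AES; the stand-in is not a real cipher and the sample document, key and IVs are constructed for the demo.

```python
"""Element- vs content-level XML encryption and super-encryption, illustrated.
Stand-alone example (not the draft's or the W3C's code).  The stand-in cipher
is an HMAC-SHA256 keystream XOR, used only because the stdlib has no AES; it is
NOT aes-128-cbc and must never be used for real data."""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

ENC_NS = "urn:example:xmlenc"     # assumed namespace for EncryptedData (not the draft's)
ALG = "urn:nist-gov:aes-128-cbc"  # algorithm identifier quoted in question 1
ET.register_namespace("xenc", ENC_NS)
ET.register_namespace("s0", ALG)

# Constructed sample document; <video> is the element whose content type
# question 4 wants to hide.  Key and IVs are demo constants only.
SAMPLE = '<doc><title>Demo</title><video codec="h264"><uri>file:///clip.mp4</uri></video></doc>'
KEY = bytes(range(16))
IV1 = b"\x01" * 16   # a real IV must be fresh and unpredictable per message
IV2 = b"\x02" * 16


def stand_in_cipher(key, iv, data):
    """XOR data with an HMAC(key, iv || counter) keystream; encrypt == decrypt."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hmac.new(key, iv + block.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def make_encrypted_data(enc_type, key, iv, plaintext):
    """Build <EncryptedData Type=...>; IV sits under EncryptionMethod in the
    algorithm's namespace, the placement question 1 suggests (assumption)."""
    ed = ET.Element(f"{{{ENC_NS}}}EncryptedData", Type=enc_type)
    em = ET.SubElement(ed, f"{{{ENC_NS}}}EncryptionMethod", Algorithm=ALG)
    ET.SubElement(em, f"{{{ALG}}}IV").text = base64.b64encode(iv).decode()
    ct = stand_in_cipher(key, iv, plaintext)
    ET.SubElement(ed, f"{{{ENC_NS}}}CipherValue").text = base64.b64encode(ct).decode()
    return ed


def _find_with_parent(root, tag):
    parent_map = {c: p for p in root.iter() for c in p}
    target = root.find(f".//{tag}")
    return target, parent_map[target]


def encrypt_element(xml_text, tag, key, iv):
    """Replace the whole element (name, attributes, children) with EncryptedData."""
    root = ET.fromstring(xml_text)
    target, parent = _find_with_parent(root, tag)
    idx = list(parent).index(target)
    tail, target.tail = target.tail, None       # trailing text stays outside the ciphertext
    ed = make_encrypted_data("Element", key, iv, ET.tostring(target))
    ed.tail = tail
    parent.remove(target)
    parent.insert(idx, ed)
    return ET.tostring(root, encoding="unicode")


def encrypt_content(xml_text, tag, key, iv):
    """Encrypt only the element's content; its name and attributes stay visible."""
    root = ET.fromstring(xml_text)
    target = root.find(f".//{tag}")
    plaintext = (target.text or "").encode() + b"".join(ET.tostring(c) for c in target)
    for child in list(target):
        target.remove(child)
    target.text = None
    target.append(make_encrypted_data("Content", key, iv, plaintext))
    return ET.tostring(root, encoding="unicode")


def decrypt_all(xml_text, key):
    """Decrypt outermost-first until no EncryptedData remains (handles nesting)."""
    root = ET.fromstring(xml_text)
    while root.find(f".//{{{ENC_NS}}}EncryptedData") is not None:
        ed, parent = _find_with_parent(root, f"{{{ENC_NS}}}EncryptedData")
        iv = base64.b64decode(ed.find(f"{{{ENC_NS}}}EncryptionMethod/{{{ALG}}}IV").text)
        ct = base64.b64decode(ed.find(f"{{{ENC_NS}}}CipherValue").text)
        pt = stand_in_cipher(key, iv, ct)
        idx = list(parent).index(ed)
        parent.remove(ed)
        if ed.get("Type") == "Element":
            restored = ET.fromstring(pt)
            restored.tail = ed.tail
            parent.insert(idx, restored)
        else:  # Content: may be mixed text plus several children
            wrapper = ET.fromstring(b"<w>" + pt + b"</w>")
            parent.text = wrapper.text
            for i, child in enumerate(list(wrapper)):
                parent.insert(idx + i, child)
    return ET.tostring(root, encoding="unicode")


def cleartext_tags(xml_text):
    """Local names of every element still readable without the key."""
    return {el.tag.rsplit("}", 1)[-1] for el in ET.fromstring(xml_text).iter()}


def visible_encrypted_data(xml_text):
    """How many EncryptedData elements an observer sees without the key."""
    return len(ET.fromstring(xml_text).findall(f".//{{{ENC_NS}}}EncryptedData"))


if __name__ == "__main__":
    elem = encrypt_element(SAMPLE, "video", KEY, IV1)
    cont = encrypt_content(SAMPLE, "video", KEY, IV1)
    nested = encrypt_element(elem, f"{{{ENC_NS}}}EncryptedData", KEY, IV2)
    print("element mode keeps:", sorted(cleartext_tags(elem)))
    print("content mode keeps:", sorted(cleartext_tags(cont)))
    print("super-encryption, visible EncryptedData:", visible_encrypted_data(nested))
    print("round trip ok:", decrypt_all(nested, KEY) == SAMPLE)
```

Running it shows the point of question 4: in content mode the `video` element and its `codec` attribute remain readable, while in element mode only `doc`, `title` and the EncryptedData scaffolding are visible. The nested call wraps an EncryptedData element inside another, which is the super-encryption question 2 asks about; the decryptor simply peels the outermost layer first and repeats.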