W3C home > Mailing lists > Public > xml-encryption@w3.org > January 2001

Encrypting external data

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Wed, 24 Jan 2001 22:52:16 +0900
To: Ed Simon <ed.simon@entrust.com>
Cc: xml-encryption@w3.org
Message-ID: <OF6A55C91F.7C88FDB7-ON492569DE.00443BBD@LocalDomain>


Hello Ed,

I think you are very interested in encrypting external data such as video
and image.  I have the following questions on this:

1. In [1], I found a conflict on handling external data.  Section 4.1 says:

>4.2  If the data being encrypted is an external octet sequence,
>replace the value with the encrypted result and create an
>EncryptedData structure referencing the encrypted data. ...

while section 5.8 says:

>becomes (after the MPEG has been encrypted and stored in
>"secret.enc" (and secret.mpg deleted): )

Which is correct?

2. According to [1], when an element is encrypted doubly (i.e., <foo> is
encrypted into <EncryptedData> and then <EncryptedData> is encrypted into
<EncryptedData>'), the encrypted data can be decrypted correctly.  This is
because the order of decryption is determined uniquely.  On the other hand,
suppose external data is encrypted doubly, especially by different persons.
How is the order of decryption determined?

[1]
http://lists.w3.org/Archives/Public/xml-encryption/2000Dec/att-0024/01-XMLEncryption_v01.html

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
E-mail: imamu@jp.ibm.com
Received on Wednesday, 24 January 2001 08:52:32 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT