- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Mon, 16 Jul 2001 15:44:00 -0400
- To: "Orchard, David" <dorchard@jamcracker.com>
- Cc: xml-encryption@w3.org, xml-dist-app@w3.org
http://www.w3.org/TR/2001/WD-xml-encryption-req-20010420#sec-Processing
At 16:10 7/15/2001, Orchard, David wrote:
>The XML Encryption Working drafts do not provide sufficient information for
>use in SOAP messages, SOAP headers and by SOAP intermediaries. The
>intersection of encryption with body and headers, and the processing model
>therein, is underspecified.
Hi David,
Thanks for the comment -- and lunch-time conversation last week at the XML
Processing Workshop. As we learned at that workshop, this issue is one of
these cross-layer/WG issues for which both communities (protocol and
encryption) need to be cognizant of.
>I think that Encryption should allow specification of at least 2 schemas so
>that the document is valid in both encrypted and decrypted states.
>Alternatively, Encryption should state that it is not solving this problem,
>that each application using Encryption must determine
As noted, this is largely stated in our requirements:
http://www.w3.org/TR/2001/WD-xml-encryption-req-20010420#sec-Processing
2. XML Instance Validity {WS}
1. Encrypted instances must be well-formed but need not be valid against
their original definition (i.e. applications that encrypt the element
structure are purposefully hiding that structure.)
2. Instance authors that want to validate encrypted instances must do
one
of the following:
1. Write the original schema so as to validate resulting instances
given the change in its structure and inclusion of element types
from the XML Encryption namespace.
2. Provide a post-encryption schema for validating encrypted
instances.
3. Only encrypt PCDATA text of element content and place its
decryption
and key information in an external document. (This requires
granular detached /external encryption.)
Consequently, an application could certainly maintain two sets of schema for
pre/post encryption. Whether this is the job of Encryption, SOAP, or an XML
Processing Language is a good and hard question... My initial response is to
say it's not in scope of the XML Encryption spec directly -- as there will
be many apps -- but I think we're certainly obligated to be able to support
its requirements:
6. Coordination
The XML Encryption specification should meet the requirements of (so as to
support) or work with the following applications:
* XW3C XML Signature {Reagle}
* W3C XML Protocols {Reagle}
* Oasis XML-Based Security Services TC (SSTC) {Reagle}
* Synchronized Multimedia Integration Language. {List: Simon}
>6. Does xml encryption augment the infoset in any way?
Earlier we did discuss if we were doing Infoset, XPath nodeset, or XML1.0
encryption. You'll note in the present specification we are pursuing the
XML1.0 syntax route. This doesn't appear to cause any problems, so far, but
I think these questions and the scenarios you clearly laid out can be best
addressed with implementation experience. I hope the XP WG and SAML TC will
give consideration to the questions you pose, and I think it's a good idea
to use scenarios from those domain to test our interop requirements in
Candidate REC.
--
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Monday, 16 July 2001 15:44:04 UTC