RE: "Replace and encrypt will be Recommended (optional)."

At 18:35 7/27/2001, edsimon@xmlsec.com wrote:
>Joseph wrote:
> >1. Was our intent to make this distinction upon encryption as well.
>I reply:
>Yes, we should have similar words for encryption too.

Ok, I tried to increase the symmetry. However, when we are doing a replace 
on encrypt are we:
1. returning the octets representing the characters of EncryptedData XML 
available (I think so, but it's a shame to have to serialize!)
2. returning the DOM nodes representing the EncryptedData element available.
3. executing a DOM function (replace).

When doing a replace on decrypt, same thing, octets or nodes?

When otherwise making the data available to the application, I presume it's 
always as octets serialization of the characters of the XML.

>I would go for RECOMMENDED simply because many applications will want to
>replacement at the end of either or both the encryption and decryption 
>processes.

Now that I've considered it, I'd think it should be REQUIRED to implement. I 
don't think it makes much sense to release this spec and implementation 
won't be able to be confident that a recipient can do a 
encrypt/decrypt&replace. Can you think of any reason to it shouldn't be 
REQUIRED?


--
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Monday, 30 July 2001 19:17:47 UTC