W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2001

RE: Comments on the requirements draft

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Thu, 22 Mar 2001 16:33:03 -0500
Message-Id: <4.3.2.7.2.20010322162131.00b96990@rpcp.mit.edu>
To: Ed Simon <ed.simon@entrust.com>, Blair Dillaway <blaird@microsoft.com>
Cc: xml-encryption@w3.org
At 11:35 3/22/2001 -0500, Ed Simon wrote:
>Given that the discussion of attribute encryption has been intense but
>inconclusive, why don't we drop trying to express the rationale one way
>or the other in the requirements document and just keep the solicitation
>for feedback.

I think this is a good idea Ed. The thing that I'm most concerned is that 
for the two more complex features of (a) attribute encryption and (b) 
signature+encryption, when we punt on these as out of scope or an 
application issue, we give an indication as to whether an application has a 
sound option.

For signature+encryption, we say it's out of scope, but here's two well 
specified application options (always encrypt signature, or the 
decrypt-exception transform.)

For attribute encryption, we say it's out of scope and we do not yet have 
any well specified option/recommendation.

So, I second your proposal with the following amendment to the comment:
>The Working Group (WG) solicits comment on this requirement from the 
>broader community. After much discussion about the requirements, 
>complexities, and alternatives of attribute encryption {List: Hallam-Baker, 
>Simon, Reagle} the WG has decided to  proceed under the requirement of 
>element encryption while remaining open to further comment, experimentation 
>and specification of attribute encryption proposals or alternatives that 
>satisfy the requirement to encrypt sensitive attribute values.


__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Thursday, 22 March 2001 16:33:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT