W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2001

(unknown charset) Re: XML Encryption Data/Processing Model

From: (unknown charset) Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Thu, 29 Mar 2001 19:33:40 +0900
To: (unknown charset) "Joseph M. Reagle Jr." <reagle@w3.org>
Cc: (unknown charset) "XML Encryption WG " <xml-encryption@w3.org>, "Dan Connolly" <connolly@w3.org>, "Philippe Le H ├ęgaret" <plh@w3.org>, "Hiroshi Maruyama" <MARUYAMA@jp.ibm.com>
Message-ID: <OF343D2846.49A5F62D-ON49256A1E.002F95E5@LocalDomain>


Joseph,

>* Serialization: We would need to define a serialization for the
>  Information Set. Richard Tobin has worked on a proposal for
>  serializing a post-schema-validated Infoset. Or (since the serialization
>  isn't as sensitive as it was in signature which requires all
serialization
>  of the same instance to be bit-by-bit identical) we might be able to
leave
>  this up to applications.

The serialization is not so sensitive if only encryption is performed.
However, that may not be true if both encryption and signature are
performed on a document.  For example, suppose that a user signs and then
encrypts a document, where he defines and uses his own serialization which
does not preserve information set.  Another user will fail in verifying the
signature because the original document cannot be retrieved.  For such
reason, I think we should define at least a serialization for information
set.

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com
Received on Thursday, 29 March 2001 05:33:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT