(But, if people want to signed, encrypt/decrypt, even if serialization is up to the app, we'll have to recommend an approach that doesn't loose information necessary to signature validation.) At 15:27 5/17/2001 -0400, Joseph M. Reagle Jr. wrote: >>I do believe we need to allow the app >>to do the serialization so they can choose to do operations such as >>C14N or serialize & compress. A big issue is whether we define a >>required serialization method in XML Encryption or always defer this >>operation to the using application. > >If we are doing octet encrpytion, then I think my bias shifts back to >Infoset to use to describe these things. And how an application serializes >the infoset into octets (that our spec then defines how to encrypt) could >be up to it even. __ Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature W3C XML Encryption Chair http://www.w3.org/Encryption/2001/Received on Thursday, 17 May 2001 15:37:38 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:19 GMT