
Re: Decryption Transform Specification

From: Joseph Reagle <reagle@w3.org>
Date: Tue, 13 Nov 2001 17:24:36 -0500
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, xml-encryption@w3.org
Message-Id: <20011113222436.DFCFD87415@policy.w3.org>

On Sunday 11 November 2001 10:26, Donald E. Eastlake 3rd wrote:
> - I think the Abstract is a bit strong and general.  How about
> something more like
>
>      This document specifies a "decryption transform" for use in XML
>      Digital Signatures such that, in many cases, it is possible to
>      detect subsequent signature invalidating encryptions and undo
>      them.

Now:

This document specifies an XML Signature "decryption transform" that 
enables XML Signature applications to distinguish between those XML 
encryption structures that were encrypted before signature (and must not be
decrypted) and those that were encrypted after the signature (and must be 
decrypted) such that signature validation occurs over the actual data 
signed. 

> - Why is it only applicable to EncryptedData? Why shouldn't I be able
> to have a signature that includes an EncryptedKey in its scope and
> still protect it?

Fixed.

> - Much of the XML is clipped by the right margin when I print it on
> paper.

Ok, I've tried to trim those a bit more.

> - First sentence of section 6.1: I don't see that this has the power
> to permit or prohibit anything. How about "facilitate" instead of
> "permit".

Ok.

-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Tuesday, 13 November 2001 17:24:41 GMT
