- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 15 Nov 2001 12:29:32 -0500
- To: "Amir Herzberg" <Amir.Herzberg@newmail.net>, <imamu@jp.ibm.com>, <maruyama@jp.ibm.com>
- Cc: <xml-encryption@w3.org>
On Wednesday 14 November 2001 10:40, Amir Herzberg wrote: > First a small typo (in Oct. 18th draft - maybe fixed already): in > section 1.1, `Purpose`, 1st paragraph: > > s/Two validate/To validate/ Hi Amir, I think this is already fixed in the Editors' version: http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt > However, there is another solution: do not _sign_ the encrypted data in > the first place. Namely, the transform could have a third operation > which completely removes encrypted-then-signed elements, This is possible and achievable within the framework of xmldsig itself. One could write an XPath expression that removed the encrypted portions one does not want to sign. The original goal of *this* transform was not to address this problem, but the *time* dimension. (Ooh, sounds sci-fi! <smile/>) How does a signature creator who wishes to sign a document (including encrypted blobs or no encrypted blobs) indicate the state of the document *prior* to subsequent encryptions that he might have no knowledge or control over. Hence, a "decrypt all the blobs before validating me" transform. And of course, if he actually *wanted* to sign some encrypted blobs, he needs a "except these." Consequently, if I understand properly, I think your functionality can be addressed, but I'm not sure if we should conjoin the two problems of partial signatures, and the time dimension in this spec. > Please use from now my new e-mail: Amir.Herzberg@newmail.net (You might want to set your Reply-To: accordingly!) -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Thursday, 15 November 2001 12:29:38 UTC