Re: Minor comments on the spec

Joseph,

>> >> >EncryptedKey, I forgot to move its text when I did that, but I fixed
>> >> > that in the last edit.
>> >>
>> >> Is the Type attribute also needed for the EncryptedKey element?  I
>> >> could not find such a description in the spec.
>> >
>> >Yes, if the decrypted CipherData was a ds:KeyValue for instance, you
>> > would want to process it according to 4.2.4, right?
>>
>> Do you mean that you encrypt a ds:KeyValue element into an EncryptedKey
>> element with the Type Element?  To my understanding, it is not allowed.
>
>Are you saying the following example with [000] inserted needs to be
>prevented?
>
>  [t09] <EncryptedKey Id='EK' CarriedKeyName="John Doe"
>  [t10]  xmlns='http://www.w3.org/2001/04/xmlenc#'
>  [000]  Type='http://www.w3.org/2001/04/xmlenc#Element'>
>  [t11]   <EncryptionMethod
>           Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
>  [t12]   <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
>  [t13]     <ds:KeyName>John Smith</ds:KeyName>
>  [t14]   </ds:KeyInfo>
>  [t15]   <CipherData><CipherValue>xyzabc</CipherValue></CipherData>
>  [t19] </EncryptedKey>
>
>[000] is saying that when you decrypted the CipherValue, you can expect to
>find an XML element, perhaps a <ds:KeyValue>3ab3333</ds:KeyValue>

I understand what you say, but if you encrypt a key as an XML element or
element content, I think you should represent the result using not the
EncryptedKey element but the EncryptedData element.


>> >> So should the implementation give a warning when a user is encrypting
>> >> a key with a nonce value and/or decrypting a key encrypted with a
>> >> nonce value?
>> >
>> >Why would a warning be necessary? (Warn of what?) I really don't see the
>> >processing (from an XML decryption point of view) of EncryptedData or
>> >EncryptedKey as very different. They're both processed to get you the
>> >plain-data, the only difference is that one has a little more "meta-data"
>> >about the EncryptedKey's plain-data, it's a key.
>>
>> A nonce cannot be used for encrypting a key, right?
>
>Yes.
>
>> So I just thought
>> that, if a user was trying to use a nonce for encrypting a key, it would
>> be helpful to warn the user of the illegal use of nonce.  Our
>> implementation just ignores such a nonce, though.
>
>I fear I'm still not understanding the "illegal" use of nonce. Perhaps a
>specific text proposal to the text would help me understand.

The reason why I insist on this is that, as you mentioned, the processing
of the EncryptedData element and that of the EncryptedKey element are not
very different, and hence the APIs for them would also not be very
different, but such APIs may accept an unexpected nonce.  But now that we
have decided to remove the Nonce attribute from the EncryptedKey element and
such a nonce can be detected as an illegal EncryptedKey structure, it is OK
with me.

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com

Received on Tuesday, 20 November 2001 12:52:15 UTC
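
The structural check this message ends on, as an added Python example that is not part of the original message or of any implementation discussed in the thread: an EncryptedKey element carrying a Nonce attribute is rejected as an illegal structure instead of being silently ignored. The function names, the sample document and its Nonce values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"

# Constructed sample: 'EK' follows the EncryptedKey quoted in the thread,
# 'EK2' adds a Nonce attribute. Placing Nonce on EncryptedData is an
# assumption about the draft under discussion; the value 16 is made up.
SAMPLE = """\
<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Nonce='16'>
  <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
    <EncryptedKey Id='EK' CarriedKeyName='John Doe'>
      <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-1_5'/>
      <CipherData><CipherValue>xyzabc</CipherValue></CipherData>
    </EncryptedKey>
    <EncryptedKey Id='EK2' Nonce='16'>
      <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-1_5'/>
      <CipherData><CipherValue>xyzabc</CipherValue></CipherData>
    </EncryptedKey>
  </ds:KeyInfo>
  <CipherData><CipherValue>xyzabc</CipherValue></CipherData>
</EncryptedData>
"""


def illegal_nonce_keys(xml_text):
    """Return an identifier for every EncryptedKey that carries a Nonce."""
    root = ET.fromstring(xml_text)
    bad = []
    # iter() also visits the root, so a bare EncryptedKey document is covered.
    for pos, ek in enumerate(root.iter("{%s}EncryptedKey" % XENC)):
        # Unprefixed attributes are in no namespace: the key is plain "Nonce".
        if "Nonce" in ek.attrib:
            bad.append(ek.get("Id") or "#%d" % pos)
    return bad


def check_encrypted_keys(xml_text):
    """Fail closed: raise instead of dropping the unexpected nonce."""
    bad = illegal_nonce_keys(xml_text)
    if bad:
        raise ValueError("illegal EncryptedKey structure (Nonce present): "
                         + ", ".join(bad))
    return True


if __name__ == "__main__":
    print(illegal_nonce_keys(SAMPLE))
```

Running the check before any shared EncryptedData/EncryptedKey decryption routine keeps that routine from ever seeing a nonce on a key.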