W3C home > Mailing lists > Public > xml-encryption@w3.org > October 2001

Re: Minor comments on the spec

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Wed, 17 Oct 2001 20:56:44 +0900
To: reagle@w3.org
Cc: Eastlake <dee3@torque.pothole.com>, xenc <xml-encryption@w3.org>
Message-ID: <OF28A5AC37.00E22952-ON49256AE8.003BE4D1@LocalDomain>


>It could, you might want to desribe the type of key (pgp,spki, etc.) that
>is within, right...?

I thought that the Type attribute for the EncryptedKey element is redundant
because the type of key is identified by the EncryptionMethod element of
the parent EncryptedData or EncryptedKey element.  But as you pointed,
someone may want to describe it to the attribute.  So it's OK for me.

>I don't think the spec needs to speak to that: implementation issue? I did
>add the nonce processing to the processing model, so as long as we are
>clear on that, we shouldn't have interop problems.

But the current spec just says "If present, prepend the nonce and encrypt
the octets using the algorithm and key from steps 1 and 2." and some
algorithms (e.g., RSA-v1.5) can accept a nonce value theoretically, and so
some implementors may get confused.  So I thought that it should be
explicitly noted that a key cannot be encrypted with a nonce value.

Tokyo Research Laboratory
IBM Research
Received on Wednesday, 17 October 2001 07:56:58 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:02 UTC