- From: Takeshi Imamura <IMAMU@jp.ibm.com>
- Date: Wed, 17 Oct 2001 20:56:44 +0900
- To: reagle@w3.org
- Cc: Eastlake <dee3@torque.pothole.com>, xenc <xml-encryption@w3.org>
Joseph, >It could, you might want to desribe the type of key (pgp,spki, etc.) that >is within, right...? I thought that the Type attribute for the EncryptedKey element is redundant because the type of key is identified by the EncryptionMethod element of the parent EncryptedData or EncryptedKey element. But as you pointed, someone may want to describe it to the attribute. So it's OK for me. >I don't think the spec needs to speak to that: implementation issue? I did >add the nonce processing to the processing model, so as long as we are >clear on that, we shouldn't have interop problems. But the current spec just says "If present, prepend the nonce and encrypt the octets using the algorithm and key from steps 1 and 2." and some algorithms (e.g., RSA-v1.5) can accept a nonce value theoretically, and so some implementors may get confused. So I thought that it should be explicitly noted that a key cannot be encrypted with a nonce value. Thanks, Takeshi IMAMURA Tokyo Research Laboratory IBM Research imamu@jp.ibm.com
Received on Wednesday, 17 October 2001 07:56:58 UTC