Re: Password Based Encryption for RSA Keys

There used to be a "password key derivation" requirement. There was some 
confusion about it (which Jim clarified [1]) but there has yet to be a 
champion for the requirement with a compelling proposal for its 
specification.

On Thursday 18 October 2001 16:27, Dournaee, Blake wrote:
> It seems to me that XML Encryption does not have a facility to encrypt
> RSA/DSA Private Keys using password-based encryption. E.g. There is no
> replacement for what is currently a PKCS#8 "EncryptedPrivateKeyInfo"
> structure (to use the ASN.1 terminology)
>
> Currently, there is no XML representation of such an encrypted construct,
> which is very odd because this form of encrypted data is especially
> "user-friendly" because it is unlocked with a password.
>
> Any ideas on this? Or perhaps it was decided against for some good
> reason?

-- 
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Wednesday, 24 October 2001 15:17:03 UTC