There used to be a "password key derivation" requirement. There was some confusion about it (which Jim clarified [1]) but there has yet to be a champion for the requirement with a compelling proposal for its specification. On Thursday 18 October 2001 16:27, Dournaee, Blake wrote: > It seems to me that XML Encryption does not have a facility to encrypt > RSA/DSA Private Keys using password-based encryption. E.g. There is no > replacement for what is currently a PKCS#8 "EncryptedPrivateKeyInfo" > structure (to use the ASN.1 terminology) > > Currently, there is no XML representation of such an encrypted construct, > which is very odd because this form of encrypted data is especially > "user-friendly" because it is unlocked with a password. > > Any ideas on this? Or perhaps it was decided against for some good > reason? -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/Received on Wednesday, 24 October 2001 15:17:03 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:19 GMT