- From: Dournaee, Blake <bdournaee@rsasecurity.com>
- Date: Wed, 31 Oct 2001 14:58:24 -0800
- To: "'reagle@w3.org'" <reagle@w3.org>
- Cc: "'xml-encryption@w3.org'" <xml-encryption@w3.org>
Joseph, >Couldn't one use encrypt <ds:KeyValue/> as a <enc:EncryptedKey/> without >resorting to ASN.1? Yes, the only problem is that we have to choose a key derivation function for the password based encryption, and this is out of scope for the spec. Choosing something like PKCS#5 v2 or PKCS#12 for PBE would work, but nobody has specified this. >Well, this is one of those issues that if you specifiy/propose some text >for section 5, you might be able to win a consensus from the WG to adopt >it, but absent someone, who wants it, making a substantive proposal and >convincing others, it's not likely to happen! <smile/> Fair enough :) I just wanted to see if it was thought about. I can't say I have the expertise to make a proposal, although if I did, I would specify PBE as specified in PKCS#5 version 2, but I'm not an expert and not aware of advances in PBE "technology." Any takers? Blake Dournaee Toolkit Applications Engineer RSA Security
Received on Wednesday, 31 October 2001 17:53:41 UTC