Re: Minor comments on the spec

[
  http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
  $Revision: 1.69 $ on $Date: 2001/10/31 23:44:38 $ GMT by $Author: reagle $
]

On Monday 15 October 2001 1:48, Takeshi Imamura wrote:
> >> to the schema of the EncryptedData element.
> >> There is no explanation for the EncryptionProperties element.
> >> "ElementContent" would be "Content".
> >
> >Type was moved into EncryptedType since it belonged to EncryptedData and
> >EncryptedKey, I forgot to move its text when I did that, but I fixed
> > that in the last edit.
>
> Is the Type attribute also needed for the EncryptedKey element?  I could
> not find such a description in the spec.

Yes, if the decrypted CipherData was a ds:KeyValue for instance, you would 
want to process it according to 4.2.4, right?

> >> 3.2
> >> I believe that a nonce value specified using the Nonce attribute is
> >> used only when encrypting data (not key).  Is that correct?  If so,
> >> that should be explained explicitly.
> >
> >Tweaked to, " Given that data is often redundant (e.g., XML) and that
> >attackers may know the data's structure, applications are RECOMMENDED to
> >encrypt data with high entropy, either by its own nature or by use of
> > the Nonce attribute."
>
> So should the implementation give a warning when a user is encrypting a
> key with a nonce value and/or decrypting a key encrypted with a nonce
> value?

Why would a warning be necessary? (Warn of what?) I really don't see the 
processing (from an XML decryption point of view) of EncryptedData or 
EncryptedKey as very different. They're both processed to get you the 
plain-data; the only difference is that one has a little more "meta-data" 
about the EncryptedKey's plain-data: it's a key.

> >> 3.5
> >> Because the URI attribute is optional, the behavior should be noted
> >> when the attribute is omitted.
> >> Transform and XPath elements in the example have to be prefixed with
> >> "ds:".
> >
> >Do we have any reason why it should be optional? If so, we should defer
> > to application context, if not, we should make it mandatory.
>
> I don't see any reason.

Ok, ReferenceType URI is now optional.

-- 

* I will be in France from 3-9 November for the W3C AC Meeting.

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Wednesday, 31 October 2001 18:45:13 UTC
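The 3.2 exchange above is about why the draft's Nonce attribute exists: XML plaintext is highly redundant, and an attacker who knows the document structure can compare ciphertexts. The following is an added illustration, not code from the XML Encryption draft or from either participant. It assumes the Nonce attribute names a count of random octets prepended to the plaintext before encryption and stripped after decryption (my reading of the draft's processing model), and it uses a deliberately tiny 16-byte Feistel block cipher as a stand-in for a real block cipher so that it runs on a bare interpreter; that toy cipher, the key, the fixed IV and the two sample documents are all constructed here for the demonstration and the cipher is not secure.

```python
"""Added illustration of the Nonce idea from the 3.2 discussion (not draft code).

Assumptions: Nonce = number of random octets prepended to the plaintext and
stripped after decryption.  The 16-byte Feistel cipher is a TOY stand-in for
a real block cipher so the example is self-contained; never reuse it.
"""
import hashlib
import os

BLOCK = 16


def _round(key: bytes, half: bytes, i: int) -> bytes:
    # Keyed round function: hash of (key, round index, right half), 8 bytes.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel network over one 16-byte block (toy cipher)."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, r, i)))
    return l + r


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = bytes(a ^ b for a, b in zip(r, _round(key, l, i))), l
    return l + r


def pad(data: bytes) -> bytes:
    # Block padding in the XML Encryption style: filler octets, then a final
    # octet holding the padding length (always at least one octet of padding).
    n = BLOCK - len(data) % BLOCK
    return data + bytes(n - 1) + bytes([n])


def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or len(data) < n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(padded), BLOCK):
        prev = toy_block_encrypt(key, bytes(a ^ b for a, b in zip(padded[i:i + BLOCK], prev)))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out.append(bytes(a ^ b for a, b in zip(toy_block_decrypt(key, c), prev)))
        prev = c
    return b"".join(out)


def encrypt_with_nonce(key: bytes, iv: bytes, plaintext: bytes, nonce_len: int):
    """Prepend nonce_len random octets, then encrypt.  Returns (nonce_len,
    ciphertext); nonce_len is the value that would go in the Nonce attribute."""
    return nonce_len, cbc_encrypt(key, iv, pad(os.urandom(nonce_len) + plaintext))


def decrypt_with_nonce(key: bytes, iv: bytes, nonce_len: int, ciphertext: bytes) -> bytes:
    """Decrypt, then drop the leading octets the Nonce attribute accounts for."""
    return unpad(cbc_decrypt(key, iv, ciphertext))[nonce_len:]


def common_prefix_blocks(c1: bytes, c2: bytes) -> int:
    """How many leading ciphertext blocks two ciphertexts have in common."""
    n = 0
    for i in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[i:i + BLOCK] != c2[i:i + BLOCK]:
            break
        n += 1
    return n


# Constructed sample data: the structure is guessable, only the amount differs.
KEY = b"sixteen-byte-key"
FIXED_IV = bytes(BLOCK)  # reused IV: the weak setting the nonce is meant to cover
DOC_A = b"<Payment><Card>4111111111111111</Card><Amount>10</Amount></Payment>"
DOC_B = b"<Payment><Card>4111111111111111</Card><Amount>99</Amount></Payment>"


def demo():
    # No nonce, reused IV: the first two blocks (the shared prefix) are identical.
    leaked = common_prefix_blocks(cbc_encrypt(KEY, FIXED_IV, pad(DOC_A)),
                                  cbc_encrypt(KEY, FIXED_IV, pad(DOC_B)))
    # Nonce="16": block 0 is random and CBC chaining carries that through every
    # later block, so no ciphertext block lines up between the two documents.
    n, c_a = encrypt_with_nonce(KEY, FIXED_IV, DOC_A, 16)
    _, c_b = encrypt_with_nonce(KEY, FIXED_IV, DOC_B, 16)
    hidden = common_prefix_blocks(c_a, c_b)
    roundtrip_ok = decrypt_with_nonce(KEY, FIXED_IV, n, c_a) == DOC_A
    return leaked, hidden, roundtrip_ok


if __name__ == "__main__":
    print(demo())
```

The nonce only buys something when the IV is predictable or reused, as the fixed IV above is; a fresh random IV carried in front of the CipherValue already randomises the first block and CBC chaining does the rest, which is why the attribute disappeared from the later XML Encryption Recommendation. The recipient still needs the Nonce count to know how many leading octets to discard, which is what the attribute carries.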