
RE: XMLP/XMLE Use cases and processing models

From: David Orchard <david.orchard@bea.com>
Date: Wed, 13 Feb 2002 15:42:47 -0800
To: <reagle@w3.org>, "'xenc'" <xml-encryption@w3.org>, <www-xenc-xmlp-tf@w3.org>, <xml-dist-app@w3.org>
Cc: <maruyama@jp.ibm.com>, <imamu@jp.ibm.com>
Message-ID: <004d01c1b4e8$24b07140$190ba8c0@beasys.com>

Hiroshi's example seems excellent to me.  I note that the Header is actually
in the SOAP-SEC namespace, and knows about encryption.  Further the header
block is the SOAP-SEC:Encryption element, so dispatch is possible based on
either the element or the namespace.  Finally, there is an explicit actor.
And SOAP uses the actor to do dispatch.  In reality, your example #4 is
actually not really related to encryption.  It's related to what the
SOAP-SEC intermediary does.

My concerns have been about the case where a vocabulary that knows nothing
about encryption has a portion of an instance encrypted, and keeping the
namespace name and root element of the vocabulary as if encryption didn't
occur is "fibbing" about the namespace.  Imagine if SOAP-SEC did NOT know
about encryption, yet had encrypted content, how would a dispatcher know to
decrypt content?  This is also assuming there is no explicit soap actor.

See my different message today on my proposal for an XMLE content-type and
wording on documents containing XMLE content must provide meta-data if
decryption is required.

Cheers,
Dave


> -----Original Message-----
> From: Joseph Reagle [mailto:reagle@w3.org]
> Sent: Thursday, February 07, 2002 9:55 AM
> To: David Orchard; 'xenc'; www-xenc-xmlp-tf@w3.org;
> xml-dist-app@w3.org
> Cc: maruyama@jp.ibm.com; imamu@jp.ibm.com
> Subject: Re: XMLP/XMLE Use cases and processing models
>
>
> As an aside, if you didn't note it earlier Hiroshi Maruyama provided a
> demonstration of the "option 4" I listed.
>
> On Wednesday 06 February 2002 11:57, Joseph Reagle wrote:
> > 4. Meta-data is used to indicate that some of the data has been encrypted.
> > For instance, to make option 3 a little more flexible, one could create a
> > SOAP confidentiality header that indicates a decryptor actor with
> > mustUnderstand="1".
>
> See the following for details:
> http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Dec/0001.html
> http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Dec/0005.html
>
> --
>
> Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
> W3C Policy Analyst                mailto:reagle@w3.org
> IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
> W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
>
Received on Wednesday, 13 February 2002 18:47:18 GMT
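
The dispatch question discussed in this message, as an added example that is not part of the original thread or of any SOAP-SEC implementation: a node that dispatches on header block name and actor acts on the first constructed message, while the same encrypted body with no header block and no actor gives it nothing to dispatch on. The `urn:example:*` namespace and actor URIs, the handler table and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
XENC = "http://www.w3.org/2001/04/xmlenc#"          # XML Encryption namespace
SEC = "urn:example:soap-sec"        # placeholder, not the real SOAP-SEC namespace URI
MY_ACTOR = "urn:example:decryptor"  # placeholder actor URI for this node

# Constructed message A: an explicit header block addresses a decryptor actor.
WITH_HEADER = f"""<s:Envelope xmlns:s="{SOAP}" xmlns:sec="{SEC}" xmlns:po="urn:example:po">
  <s:Header><sec:Encryption s:actor="{MY_ACTOR}" s:mustUnderstand="1"/></s:Header>
  <s:Body><po:Order><xenc:EncryptedData xmlns:xenc="{XENC}"/></po:Order></s:Body>
</s:Envelope>"""

# Constructed message B: same encrypted body, but no header block and no actor.
WITHOUT_HEADER = f"""<s:Envelope xmlns:s="{SOAP}" xmlns:po="urn:example:po">
  <s:Body><po:Order><xenc:EncryptedData xmlns:xenc="{XENC}"/></po:Order></s:Body>
</s:Envelope>"""

# Dispatch table keyed on the header block's qualified name (assumed for this example).
HANDLERS = {f"{{{SEC}}}Encryption": "decrypt"}


def dispatch(xml_text, my_actor=MY_ACTOR):
    """Return the actions this node takes, using only header blocks addressed to it."""
    root = ET.fromstring(xml_text)
    actions = []
    for block in root.findall(f"{{{SOAP}}}Header/*"):
        if block.get(f"{{{SOAP}}}actor") != my_actor:
            continue  # block is addressed to another node
        handler = HANDLERS.get(block.tag)
        if handler is None and block.get(f"{{{SOAP}}}mustUnderstand") == "1":
            raise ValueError(f"mustUnderstand block not understood: {block.tag}")
        if handler:
            actions.append(handler)
    return actions


def has_encrypted_content(xml_text):
    """Content inspection: does the Body contain any xenc:EncryptedData element?"""
    root = ET.fromstring(xml_text)
    return root.find(f"{{{SOAP}}}Body//{{{XENC}}}EncryptedData") is not None
```

Both messages contain `xenc:EncryptedData` under an element of the `po` vocabulary, but only message A produces a `decrypt` action from header-based dispatch.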
