Re: xenc:EncryptedKey/@Type

On Monday 07 January 2002 05:38, Takeshi Imamura wrote:
> My intention was to prohibit encrypting an XML structure containing a
> key, which is a part of an XML document, into an EncryptedKey element,
> not to prohibit encoding a key in XML and then encrypting it as binary
> into an EncryptedKey element.  I believe a key can be encoded in ASN.1,
> XML, and so on.

What do you mean encoded in XML? I now agree that ds:KeyValue wouldn't be 
right, and I can think of binary key being encoded in ASN1, ASCII or UTF-8. 
Would the ASN1->XML converters be such an example? I'd like to add text to 
section 3.4.1 to clarify this like the following:

"When EncryptedKey is decrypted the resulting octets must be a literal key 
value. For example, the result might be a key value encoded in UTF-8 but it 
will not be an XML structure."

I know the end of that last sentence isn't right...

> >Algorithm URI) is sufficient: 1-to-1.
> >2.1 If it doesn't, one would specify the Algorithm and KeyStructure
> >distinctly. For example:
> ><EncryptedKey Type="someEncryptionAlgorithms128bitKey">
> >   <EncryptionMethod
> >        Algorithm="&xenc;someEncryptionAlgorithm" />
>
> I like this because there can be several ways to encode/represent a key
> for an algorithm.

Added to 3.4.1: $Revision: 1.106 $

The Type attribute inherited from EncryptedType can be used to further 
specify the type of the encrypted key if the EncryptionMethod Algorithm 
does not define an unambiguous encoding/representation. (Note, all the 
algorithms in this specification have an unambiguous representation for 
their associated key structures. [Is this true? -JR])


-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Friday, 11 January 2002 15:31:16 UTC
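
A receiver-side check for the "literal key value, not an XML structure" rule discussed in this message, as an added example that is not from the thread or the specification. Assumptions: the names `data_algorithm`, `accept_key`, `KeyFormatError` and `SAMPLE` are hypothetical, the key is taken to be for the enclosing EncryptedData's EncryptionMethod, and unwrapping the EncryptedKey is out of scope. An algorithm missing from the table is the case where a Type attribute would be needed, and the check rejects it.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"
NS = {"xenc": XENC, "ds": DSIG}

# Literal key length in octets for the block ciphers XML Encryption defines.
KEY_OCTETS = {
    XENC + "tripledes-cbc": 24,
    XENC + "aes128-cbc": 16,
    XENC + "aes192-cbc": 24,
    XENC + "aes256-cbc": 32,
}

# Constructed sample: the CipherValue contents are placeholders, not ciphertext.
SAMPLE = f"""<xenc:EncryptedData xmlns:xenc="{XENC}" xmlns:ds="{DSIG}">
  <xenc:EncryptionMethod Algorithm="{XENC}aes128-cbc"/>
  <ds:KeyInfo>
    <xenc:EncryptedKey>
      <xenc:EncryptionMethod Algorithm="{XENC}rsa-1_5"/>
      <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedKey>
  </ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData>"""


class KeyFormatError(ValueError):
    """Decrypted EncryptedKey octets are not a literal key for the algorithm."""


def data_algorithm(encrypted_data_xml: str) -> str:
    """Return the Algorithm URI of the EncryptedData's own EncryptionMethod."""
    root = ET.fromstring(encrypted_data_xml)
    method = root.find("xenc:EncryptionMethod", NS)  # direct child only
    if method is None or not method.get("Algorithm"):
        raise KeyFormatError("EncryptedData has no EncryptionMethod Algorithm")
    return method.get("Algorithm")


def accept_key(octets: bytes, algorithm: str) -> bytes:
    """Fail closed unless octets are exactly a key of the size algorithm needs."""
    expected = KEY_OCTETS.get(algorithm)
    if expected is None:
        raise KeyFormatError(f"no key representation registered for {algorithm}")
    if len(octets) != expected:
        raise KeyFormatError(f"expected {expected} octets, got {len(octets)}")
    return octets
```

Because these keys have a fixed length, the exact-length test also rejects a serialized XML structure that happens to decrypt cleanly.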