W3C home > Mailing lists > Public > xml-encryption@w3.org > June 2002

Re: Decryption Transform processing question

From: merlin <merlin@baltimore.ie>
Date: Tue, 11 Jun 2002 04:50:34 +0100
To: "Takeshi Imamura" <IMAMU@jp.ibm.com>
Cc: xml-encryption@w3.org
Message-Id: <20020611035034.6670843E09@yog-sothoth.ie.baltimore.com>

r/IMAMU@jp.ibm.com/2002.06.11/01:08:49

Hi Takeshi,

>>2) Encryptor-specified superdecryption
>>
>>   c) The encryptor super-encrypts unexceptional EncryptedData,
>>      mindful of the potential problems. It indicates this by
>>      using the SuperEncryptedData Type, and utilizing
>>      mechanisms to overcome the problems if necessary.
>
>As I pointed out before, this is not possible when a signature is not
>given.  Also, when encrypting exceptional and unexceptional EncryptedData
>elements together, how should we do so?
>
>However, I agree with you that, if a signature is given, an encryptor can
>decide which EncryptedData element should be decrypted.  So how about the
>following, which is opposite to 2):
>
>3) Encryptor-specified super-undecryption
>
>Decrypt all the EncryptedData elements recursively except for those
>specified by the super-encrypting EncryptedData element.  Those could be
>specified by decrypt:Except elements specified as encryption properties.
>The mechanisms you proposed could be used in order to the problems.
>
>This provides the same function as 2), but it would suit the concept of
>decryption transform much better.  This means that we don't have to
>reimplement the transform from scratch.  How do you feel?

I think that this is a good option. But, I trust that you are
speaking broadly in the context of the modified description
of the decrypt transform (#13b)? If so, I will try and draw
up some more explicit text.

Merlin
Received on Monday, 10 June 2002 23:51:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:03 UTC