W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2002

Re: More inter samples

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Tue, 12 Mar 2002 14:37:45 +0900
To: Jiandong Guo <jguo@phaos.com>
Cc: xml-encryption@w3.org
Message-ID: <OFEE3FCC9F.D50DD97D-ON49256B7A.00132B41@LocalDomain>

>> >> Attached is a revised version of the samples sent before. I mainly
>> >> update the Diffie-Hellman examples to accommodate the newest changes
>> >> the specification.
>> I confirmed that our implementation succeeded in decrypting most of your
>> examples except ones using DH and RSA-OAEP with SHA256 and SHA512.  I
>> confirmed that it failed to decrypt your bad-algorithm example because
>> wrong key length.
>Thanks! As for the DH and RSA-OAEP with SHA256 and SHA512, I am wondering
>couldn't decrypt them or you haven't tested them.

Sorry for confusing you.  I mean that I have not tested them yet.

>> However, I found that it succeeded in decrypting your
>> bad-type example.  That is reasonable to me because the decryptor is not
>> required to perform validation on the serialized XML and hence our
>> implementation does not.  Should we include this example in test
>My intention is that if you do the decrypt and replace, the type
>should be needed.
>In other words, it should cause you trouble when you replace the
>element with
>the decrypted data if the the type attribute is not set correctly.

I don't know how you have implemented this process, but the spec says:

>The decryptor is NOT REQUIRED to perform validation on the serialized XML.

and also says:

>The decryptor is NOT REQUIRED to perform validation on the result of this
replacement operation.

and hence I don't think that the implementation has to fail to decrypt this
example.  In that sense, I asked this question.  Note, I don't say that
your implementation is wrong.  Such validation would be value-add.

Tokyo Research Laboratory
IBM Research
Received on Tuesday, 12 March 2002 00:37:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:03 UTC