W3C home > Mailing lists > Public > xml-encryption@w3.org > May 2002

Re: Decryption Transform processing question

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Wed, 1 May 2002 15:37:17 +0900
To: Ari Kermaier <arik@phaos.com>
Cc: xml-encryption@w3.org
Message-ID: <OFDA74C8C1.20D577A0-ON49256BAC.001EC455@LocalDomain>

>>By the way, as to decryptXML(), it may be necessary to exchange step 2
and
>>3 because an octet stream obtained in step 1 may not contain any
namespace
>>declaration attribute necessary for parsing the octet stream when
>>decrypting an EncrypteData element within the octet stream.  How do you
>>feel?
>
>I'm not sure I understand. Isn't the parsing context C that would be used
>in step 3 itself derived entirely from node-set X? If that's the case,
>what's an example of a namespace declaration that would be in C but would
>not be preserved by applying XML-C14N to X?

To my understanding, C is not derived from X but derived from X's ancestor
nodes.  If X contains all namespace nodes that are declared in its ancestor
nodes, it would be OK.  But if not, parsing might fail.  This could occur
if any transforms prior to decryption transform removes any namespace node.
So I thought that step 2 and 3 might have to be swapped.

However, as I wrote in the previous mail, step 1 can be removed.  So this
may not be a problem now.

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com
Received on Wednesday, 1 May 2002 02:37:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:21 GMT