W3C home > Mailing lists > Public > xml-encryption@w3.org > May 2002

Re: Decryption Transform processing question

From: merlin <merlin@baltimore.ie>
Date: Thu, 02 May 2002 01:24:33 +0100
To: Ari Kermaier <arik@phaos.com>
Cc: xml-encryption@w3.org
Message-Id: <20020502002433.C9FDC44E1E@yog-sothoth.ie.baltimore.com>

You're right, I think I'm blind. I'll try actually reading tomorrow..


>I thought that XPath caveat was weird as well, but I believe the confusion 
>on wrapping is really just an infelicity of the language in the text. When 
>it says "wrap the decrypted octet stream" I think it really means "wrap the 
>octet stream resulting from decrypting and replacing e in X". (See 
>Takeshi's answer to my question in [1].)
>Under this reading, I think the following would hold for a signature over 
><Bar xmlns:baz="http://example.org/baz">
>   <Foo xml:something="other" Id="foo">
>     <enc:EncryptedData ...>...</enc:EncryptedData>
>   </Foo>
>Dereferencing, decrypting and replacing results in:
><Foo xml:something="other" Id="foo">
>     <plaintext />
>   </Foo>
>Since <Bar>'s namespace is in scope for the first element of the input 
>node-set, <Foo>, parsing context C is {xmlns:baz="http://example.org/baz", 
>xml:something="other"}. So the result of wrapping would be:
><dummy xmlns:baz="http://example.org/baz" xml:something="other"><Foo 
>xml:something="other" Id="foo">
>     <plaintext />
>   </Foo></dummy>
>Parsing, unwrapping and canonicalizing would result in:
><Foo xmlns:baz="http://example.org/baz" xml:something="other" Id="foo">
>     <plaintext />
>   </Foo>
>If this is correct, my proposed text in [2] for decryptXML(X, e, C) and 
>decryptOctets(X, e) would be OK. Am I missing anything?
>[1]  http://lists.w3.org/Archives/Public/xml-encryption/2002Apr/0119.html
>[2]  http://lists.w3.org/Archives/Public/xml-encryption/2002May/0002.html
>Ari Kermaier    arik@phaos.com
>Senior Software Engineer
>Phaos Technology Corp.    http://www.phaos.com/

The information contained in this message is confidential and is intended
for the addressee(s) only.  If you have received this message in error or
there are any problems please notify the originator immediately.  The 
unauthorised use, disclosure, copying or alteration of this message is 
strictly forbidden. Baltimore Technologies plc will not be liable for
direct, special, indirect or consequential damages arising from alteration
of the contents of this message by a third party or as a result of any 
virus being passed on.

This footnote confirms that this email message has been swept for Content
Security threats, including computer viruses.
Received on Wednesday, 1 May 2002 20:24:46 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:03 UTC