Encryption Subset Scenario

All -

Given an input Document D:

<doc>
  <elem1> foo1 </elem1>
  <elem2> foo2 </elem2>
  <elem3> foo3 </elem3>
</doc>

I want to encrypt just the first two child elements (<elem1> and <elem2>).
This doesn't appear to fit the definition of
Type='http://www.w3.org/2001/04/xmlenc#Element', which suggests a single
element, or Type='http://www.w3.org/20001/04/xmlenc#Content'
which suggests that all three elements must be encrypted (elem1, elem2 and
elem3).

Choosing to treat the first two elements as arbitrary plaintext also seems
overkill, and if so, this ruins the XML semantics. I cannot
treat it as text/xml, because this document subset is not well-formed.
Treating it as text/plain looses all of the XML semantics.

The obvious solution is to create two <EncryptedData> elements, but this is
redundant. Another solution is an XPath transform, but this
doesn't exist for XML Encryption.

Am I missing something here? Is there an obvious solution to this? It seems
like a simple case that might have been overlooked. 

Thanks,

Blake Dournaee
Toolkit Applications Engineer
RSA Security
 
"The only thing I know is that I know nothing" - Socrates
 
 

Received on Wednesday, 15 May 2002 15:35:57 UTC