- From: merlin <merlin@baltimore.ie>
- Date: Thu, 30 May 2002 20:06:43 +0100
- To: reagle@w3.org
- Cc: xml-encryption@w3.org
r/reagle@w3.org/2002.05.30/14:37:29 >On Thursday 30 May 2002 12:57 pm, merlin wrote: >> If another standard specifies that the Type URI &foo;PrivateKey >> indicates that the content is an encrypted foo:PrivateKey >> element then this cannot be used with the decryption transform. >> If another standard specifies that the type URI &gzip;Element >> indicates that the content is an encrypted, gzipped elmement, >> then this cannot be used with the decryption transform. > >Understood. While not specified, my expectation was that such a thing could >be accomodated via a step 3.5 in decryptIncludedNodes() that said something >like: >2. If the value of the Type attribute of e is &xenc;Element or >&xenc;Content ... >3. If the Type attribute is absent or otherwise indicates octets ... >/+3.5 If the value of the Type attribute is some other value, perform the >decryption and processing as defined by that Type. If they type is unknown >or unsupported, fail.+/ > >So in the following: > ><Document> > <SignedPart> > <Data /> > <EncryptedData ID="enc1" Type="http://merlin.org/foo#PrivateKey" ... /> > <EncryptedData ID="enc2" Type="http://merlin.org/gzip#Element" ... /> > </SignedPart> > <Signature> > ... > <Transform Algorithm="&dcrpt;"> > <Except URI="#enc2" xmlns="&dcrpt;"/> > </Transform> > ... > </Signature> ></Document> > >The Signature is over the Document with enc1 as is, but the uncompressed >clear text form of enc2. Would adding this step 3.5 be satisfactory? By "perform the decryption and processing as defined by that Type", do you mean that the definition of the Type must specify how it is used by the decryption transform, that the processing step will identify whether or not the result is UTF-8 encoded XML data, or that processing according to a Type attribute will always produce UTF-8 encoded XML data? Merlin
Received on Thursday, 30 May 2002 15:07:57 UTC