Re: Custom XML Types (Was: Decryption Transform processing question)

From: Joseph Reagle <reagle@w3.org>
Date: Thu, 30 May 2002 15:33:47 -0400
To: merlin <merlin@baltimore.ie>
Cc: xml-encryption@w3.org
Message-Id: <20020530193348.6EA8A463@policy.w3.org>

On Thursday 30 May 2002 03:06 pm, merlin wrote:
> By "perform the decryption and processing as defined by
> that Type", do you mean that the definition of the Type must
> specify how it is used by the decryption transform, that the
> processing step will identify whether or not the result is
> UTF-8 encoded XML data, or that processing according to a
> Type attribute will always produce UTF-8 encoded XML data?

The first. The octets could be anything, a serialized representation of an 
Infoset item, a pickled Python DOM node, compressed data, etc.

   Type is an optional attribute identifying type information about the
   plaintext form of the encrypted content. While optional, this
   specification takes advantage of it for mandatory processing described
   in Processing Rules: Decryption (section 4.2). If the EncryptedData
   element contains data of Type 'element' or element 'content', and
   replaces that data in an XML document context, it is strongly
   recommended the Type attribute be provided. Without this information,
   the decryptor will be unable to automatically restore the XML document
   to its original cleartext form.
...
            The definition of this type as bound to an identifier
            specifies how to obtain and interpret the plaintext octets
            after decryption. For example, the identifier could indicate
            that the data is an instance of another application (e.g.,
            some XML compression application) that must be further
            processed. Or, if the data is a simple octet sequence it MAY
            be described with the MimeType and Encoding attributes. For
            example, the data might be an XML document
...
  4.3 XML Encryption

   Encryption and decryption operations are transforms on octets. The
   application is responsible for the marshalling XML such that it can be
   serialized into an octet sequence, encrypted, decrypted, and be of use
   to the recipient.

   For example, if the application wishes to canonicalize its data or
   encode/compress the data in an XML packaging format, the application
   needs to marshal the XML accordingly and identify the resulting type
   via the EncryptedData Type attribute. The likelihood of successful
   decryption and subsequent processing will be dependent on the
   recipient's support for the given type. Also, if the data is intended
   to be processed both before encryption and after decryption (e.g., XML
   Signature [XML-DSIG] validation or an XSLT transform) the encrypting
   application must be careful to preserve information necessary for that
   process's success.

   For interoperability purposes, the following types MUST be
   implemented.

   element 'http://www.w3.org/2001/04/xmlenc#Element'
          "[39]  element ::= EmptyElemTag | STag content ETag" [XML]

   content 'http://www.w3.org/2001/04/xmlenc#Content'
          "[43] content ::= CharData? ((element | Reference | CDSect | PI
          | Comment) CharData?)*" [XML]
Received on Thursday, 30 May 2002 15:34:27 GMT
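
An added example (not from the original message or the specification) of the Type-driven processing described above: plaintext octets are spliced into the document only when Type is Element or Content, and are otherwise handed back to the application untouched. The sample document, the `urn:example:packed` identifier used in testing, and all function names are constructed for illustration; decryption is assumed to have already produced the plaintext octets.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
TYPE_ELEMENT, TYPE_CONTENT = XENC + "Element", XENC + "Content"

def _append_text(parent, idx, text):
    """Attach character data just before child position idx."""
    if idx == 0:
        parent.text = (parent.text or "") + text
    else:
        parent[idx - 1].tail = (parent[idx - 1].tail or "") + text

def restore(parent, enc, plaintext):
    """Process decrypted octets according to the EncryptedData Type.

    Returns None when the octets were spliced into the document, or the
    untouched octets when the Type is absent or not Element/Content."""
    typ = enc.get("Type")
    if typ not in (TYPE_ELEMENT, TYPE_CONTENT):
        return plaintext  # other types: the application interprets the octets
    # Parse as UTF-8 'content' inside a throwaway wrapper; a DOCTYPE cannot
    # appear here, and malformed or non-UTF-8 data raises instead of splicing.
    wrap = ET.fromstring("<w>" + plaintext.decode("utf-8") + "</w>")
    kids = list(wrap)
    if typ == TYPE_ELEMENT and (len(kids) != 1 or wrap.text or kids[0].tail):
        raise ValueError("Type is Element but plaintext is not one element")
    idx = list(parent).index(enc)
    parent.remove(enc)
    _append_text(parent, idx, wrap.text or "")
    for off, kid in enumerate(kids):
        parent.insert(idx + off, kid)
    _append_text(parent, idx + len(kids), enc.tail or "")
    return None

def demo(type_uri, plaintext):
    """Constructed sample document with one EncryptedData child."""
    root = ET.fromstring(
        f'<order xmlns:e="{XENC}"><name>A</name>'
        f'<e:EncryptedData Type="{type_uri}"/>!</order>')
    enc = root.find(f"{{{XENC}}}EncryptedData")
    return root, restore(root, enc, plaintext)
```

Plaintext that relies on namespace prefixes declared only in the surrounding document will not parse inside the wrapper; that case is not handled here.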