W3C home > Mailing lists > Public > xml-encryption@w3.org > May 2002

Re: Custom XML Types (Was: Decryption Transform processing question)

From: merlin <merlin@baltimore.ie>
Date: Thu, 30 May 2002 22:15:41 +0100
To: reagle@w3.org
Cc: xml-encryption@w3.org
Message-Id: <20020530211541.D17394432D@yog-sothoth.ie.baltimore.com>

r/reagle@w3.org/2002.05.30/15:33:47
>On Thursday 30 May 2002 03:06 pm, merlin wrote:
>> By "perform the decryption and processing as defined by
>> that Type", do you mean that the definition of the Type must
>> specify how it is used by the decryption transform, that the
>> processing step will identify whether or not the result is
>> UTF-8 encoded XML data, or that processing according to a
>> Type attribute will always produce UTF-8 encoded XML data?
>
>The first. [...]

I must admit to not really being a fan of this. All of the
description of the Type attribute (there is clearly more than
I recalled) is good. However:
  <SignedData>
    <EncryptedData Type="&foo;" ... />
    <EncryptedData Type="&bar;" ... />
  </SignedData>

The specifications &foo; and &bar; can't really describe how
the decryption transform should operate over this. And, to
be honest, I don't like the concept of a document defining
an EncryptedData Type having to specify how it is handled
during XML encryption/decryption, as well as in the decryption
transform (and any other transform that happens to define
the processing of encrypted data).

It strikes me that octet streams being transformed in XML
signatures can reasonably be categorized into two camps:
UTF-8 serialized XML data, and other (binary) data. If we can
categorize an encryped Type as one or other, then processing
within the decryption transform can be comparatively easily
defined in a uniform manner.

Merlin
Received on Thursday, 30 May 2002 18:41:14 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:21 GMT