W3C home > Mailing lists > Public > xml-encryption@w3.org > August 2005

RE: Utilizing XML-Encryption for Attribute Values

From: Blair Dillaway <blaird@exchange.microsoft.com>
Date: Fri, 5 Aug 2005 14:48:55 -0700
Message-ID: <89838BDE3225D04888850250C74720FC16B7CF@DF-FLASH-MSG.exchange.corp.microsoft.com>
To: <lists@jeffrafter.com>, <xml-encryption@w3.org>

There's a rather lengthy discussion in the archive.  Notably from Jan
2001.
http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/thread.html

There's some more in Feb.
http://lists.w3.org/Archives/Public/xml-encryption/2001Feb/thread.html

The WG felt the additional complexity wasn't justified by the identified
use cases.

Regards,
Blair Dillaway

 

-----Original Message-----
From: xml-encryption-request@w3.org
[mailto:xml-encryption-request@w3.org] On Behalf Of Jeff Rafter
Sent: Friday, August 05, 2005 11:00 AM
To: xml-encryption@w3.org
Subject: Utilizing XML-Encryption for Attribute Values


I was wondering if anyone could point me to a discussion on why
XML-Encryption was not enabled for attribute values? It seems that the
nature of the addressing mechanism should be easily pluggable using the
DataReference-- or that an alternate mechanism to treat an attribute
value's content as CipherData would be workable.

I assume that the reasoning for not pursuing this was the difficulty in
processing and not a security risk-- but admit to not knowing. I am
currently in an environment where there is a desire to encrypt
individual attribute values within an element. Having the key
information and EncryptedData elements in another section of the
document is a very attractive solution...

Any discussion or links on this would be greatly appreciated as I
haven't been able to pin down any as yet.

Thanks,
Jeff Rafter
Received on Friday, 5 August 2005 21:49:06 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:05 UTC