XML Encryption and EXI from Thomas Roessler on 2009-11-06 (public-xmlsec@w3.org from November 2009)

From: Thomas Roessler <tlr@w3.org>
Date: Fri, 6 Nov 2009 14:54:33 -0800
To: John Schneider <john.schneider@agiledelta.com>
Cc: Thomas Roessler <tlr@w3.org>, XMLSec WG Public List <public-xmlsec@w3.org>, Carine Bournez <carine@w3.org>
Message-Id: <9EB170A8-E2FC-4967-B287-510E037A320B@w3.org>

John,

looking through yesterday's discussion with EXI, the XML Security WG  
is considering how to best integrate EXI with XML Encryption.

The salient piece of the XML Encryption specification is section 4.2  
[1].

We see two possible avenues here:

1. Keep the processing model in XML Encryption intact, but define an  
additional Type parameter (e.g., "exi") that would designate EXI- 
encoded cleartext.  In this case, step 5 of the processing model would  
be applicable to EXI, and the raw EXI-encoded material would be  
returned by XML Encryption implementations upon decryption.

2. Define additional processing in XML Encryption which would cause an  
implementation to return unencoded XML; EXI support would be  
transparent.  Legacy implementations of XML Encryption 1.0 would  
exercise step 5, i.e., match option 1 behavior.

We'd be interested in your input; since we are aiming to take  
Encryption 1.1 to Last Call on our call on 17 November, an answer next  
week would be ideal.

1. http://www.w3.org/TR/xmlenc-core1/#sec-Processing-Decryption

Thanks,
--
Thomas Roessler, W3C  <tlr@w3.org>

Received on Friday, 6 November 2009 22:54:42 UTC