RE: ACTION-510 Propose explanation of use of content vs. element in implementations from Pratik Datta on 2010-02-12 (public-xmlsec@w3.org from February 2010)

From: Pratik Datta <PRATIK.DATTA@oracle.com>
Date: Fri, 12 Feb 2010 13:08:49 -0800 (PST)
To: Thomas Roessler <tlr@w3.org>
Cc: "public-xmlsec@w3.org Public List" <public-xmlsec@w3.org>
Message-ID: <8dc2ea8e-37a3-4b11-b51d-1bb6b273c0e4@default>

Yes, in this implementation the handling of namespaces and attributes are independent of element vs content.

Things are in flux here. I am not sure when I can get information about the other implementations.

Pratik

-----Original Message-----
From: Thomas Roessler [mailto:tlr@w3.org] 
Sent: Friday, February 12, 2010 9:07 AM
To: Pratik Datta
Cc: Thomas Roessler; public-xmlsec@w3.org Public List
Subject: Re: ACTION-510 Propose explanation of use of content vs. element in implementations

On 9 Feb 2010, at 19:55, Pratik Datta wrote:

> I checked one of our implementations. In this one the decryptor doesn't really need the "content" vs "element".  Here is what the decryptor does :

Thanks.

>  
> It decrypts the cipher text, to get the plaintext, and then puts the plain text inside dummy start and end tags. I.e. like this  "<dummy> plaintext </dummy>" and then parses this xml document  into a DOM tree. For type = "element" it checks that the <dummy> element has only one child, whereas for type = "content" it doesn't perform this check. In either case it just takes all the children of the <dummy> node and deep imports them into the original document, replacing the <EncryptedData> element. It also does special handling for  namespaces and xml attributes that I have omitted for simplicity

I suppose the special handling for namespaces and attributes is independent of whether it's "element" or "content"?

>  I am still checking with the other implementations.

Any news from that?

Received on Friday, 12 February 2010 21:11:25 UTC