Re: Updated (v2) proposed XML Encryption 1.1 changes related to OAEP

Right, I thought this would be the case..

I think we should go with the element. Same effect, avoid a number of issues.

Anyone disagree?

regards, Frederick

Frederick Hirsch
Nokia



On Oct 7, 2011, at 12:44 PM, ext Cantor, Scott wrote:

> On 10/7/11 8:35 AM, "Frederick.Hirsch@nokia.com"
> <Frederick.Hirsch@nokia.com> wrote:
>> Note that this is not the 1.1 schema but the 1.0 schema. However, this
>> seems appropriate and as the new attribute is optional should not hurt
>> existing implementations.
> 
> Ordinarily, no, you can't do this. The only caveat that might make it ok
> here is that the Algorithm is new. A 1.0 implementation wouldn't handle
> the algorithm, so you're moving a failure from one layer to another.
> 
> That said, this is generally just not done. There are assumptions built
> into the whole house of cards of XSD aware software, and it just doesn't
> fly.
> 
> There's a simple fix, just use an element. EncryptionMethod has a wildcard
> in it, it's just not an attribute wildcard.
> 
> <xenc11:MGF Algorithm="..."/>
> 
> -- Scott
> 

Received on Friday, 7 October 2011 17:41:53 UTC