- From: Joseph Reagle <reagle@w3.org>
- Date: Fri, 15 Feb 2002 20:12:53 -0500
- To: timbl@w3.org, www-tag@w3.org, "David Orchard" <david.orchard@bea.com>
- Cc: xml-encryption@w3.org
I've accepted an action item from TimBL to register a media (content) type for XML Encryption instances [0]. My understanding is that this will be used for data objects with the elements in the xml encryption namespace at its root. An interesting characteristic of this type is that when an object of that type has been processed the result might be a different type (e.g., an "image/png" was decrypted). David Orchard has been good enough to help us explore scenarios involved in using xenc with other applications and requested [1] that this media type also be associated with any XML content that an XML encryption application changes a part of. For instance, one might encrypt the second paragraph of an XHTML document . I'm no expert on this issue but I have a few uninformed concerns. Do you make this change only for items where it invalidates the instance according to the schema? What happens if the schema permits the change of content (a choice, lax validation, or ANY)? Does this force all XML encryption application to be schema valid and to know whether they invalidated a document? (The WG has refused requirements on validation and has consensus on how to address/scope this issue [2].) What happens if there is no schema for the original application, but a DTD? What happens if it is only well-formed? What happens if another application expects a similar change (e.g., XSLT)? I will proceed with the registration in accordance with my understanding of the action item and in keeping with the longstanding consensus of the WG [2], resulting from the March 2001 meeting, unless directed otherwise, at which point I will be happy to bring it before the WG. Also, if there is a forum where others are welcome to pariticpate on this issue, I will be happy to refer them to it but feel David is right in stating this issue is bigger than just xenc. [0] http://www.iana.org/cgi-bin/mediatypes.pl [1] http://lists.w3.org/Archives/Public/xml-encryption/2002Feb/0023.html [2] http://www.w3.org/TR/2001/WD-xml-encryption-req-20011018 ... 2. XML Instance Validity {[66]WS} 1. Encrypted instances must be well-formed but need not be valid against their original definition (i.e. applications that encrypt the element structure are purposefully hiding that structure.) 2. Instance authors that want to validate encrypted instances must do one of the following: 1. Write the original schema so as to validate resulting instances given the change in its structure and inclusion of element types from the XML Encryption namespace. 2. Provide a post-encryption schema for validating encrypted instances. ... -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Friday, 15 February 2002 20:12:57 UTC