- From: Hiroshi Maruyama <MARUYAMA@jp.ibm.com>
- Date: Wed, 19 Dec 2001 18:32:15 +0900
- To: reagle@w3.org
- Cc: "David Orchard" <dorchard@bea.com>, <w3c-xml-protocol-wg@w3.org>, "'xenc'" <xml-encryption@w3.org>, www-xenc-xmlp-tf@w3.org, "Satoshi Hada" <SATOSHIH@jp.ibm.com>, "Takeshi Imamura" <IMAMU@jp.ibm.com>, "Maryann Hondo" <mhondo@us.ibm.com>
Joseph, >We need people from communities with their applications >requirements/scenarios in mind to then test those requirements/scenarios >with our specified functionality. >If anyone has scenarios or questions in mind please join and contribute to: >www-xenc-xmlp-tf@w3.org . We have been looking at applying XML Encryption to SOAP envelope. The following is an example of SOAP header for XML encryption that we are considering. The point here is that the receiving SOAP application knows what <xenc:EncryptedData> elements are to be decrypted. When the <SOAP-SEC:Encryption> element is combined with <SOAP-SEC:Signature>, the use of the decryption transform solve the interdependency problem. Also our scenario includes encrypting SOAP attachments through a "cid: ..." URI. (such as cid:image.jpg). <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header> <SOAP-SEC:Encryption xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-ENV:actor="some-URI" SOAP-ENV:mustUnderstand="1"> <SOAP-SEC:EncryptedDataList> <SOAP-SEC:EncryptedDataReference URI="#encrypted-body-entry"/> </SOAP-SEC:EncryptedDataList> <xenc:EncryptedKey> ... </xenc:EncryptedKey> </SOAP-SEC:Encryption> </SOAP-ENV:Header> <SOAP-ENV:Body > <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"> Id="encrypted-body-entry"> ... </xenc:EncryptedData> </SOAP-ENV:Body> </SOAP-ENV:Envelope> We have (somewhat older versions of) draft spec and implementation in Web Services Toolkit available from IBM alphaWorks. See the following link. http://www.alphaworks.ibm.com/tech/webservicestoolkit Thanks, Hiroshi -- Hiroshi Maruyama Manager, Internet Technology, Tokyo Research Laboratory +81-46-215-4576 maruyama@jp.ibm.com From: Joseph Reagle <reagle@w3.org>@w3.org on 2001/12/19 07:24 Please respond to reagle@w3.org Sent by: xml-encryption-request@w3.org To: "David Orchard" <dorchard@bea.com> cc: <w3c-xml-protocol-wg@w3.org>, "'xenc'" <xml-encryption@w3.org>, www-xenc-xmlp-tf@w3.org Subject: Re: XMLP Comments to XMLE LC On Friday 14 December 2001 19:01, David Orchard wrote: > Can you repost the scenarios, and I at least guarantee that I will > respond? My "anonymous forwarder" contribution is [1] http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Sep/0000.html I welcome comments, modifications, and other scenarios. If folks pitch in and we get a couple scenarios with some discussion on each from folks familiar with xenc and xp, we can pull them together into a document. > I understand why you would consider usage scenarios optional. But > another perspective is that if you ask me (speaking for myself, not xmlp) > to review a doc and I say I don't understand how it works The XML Encryption specification should explain how XML Encryption works. It has an Overview with simple examples/scenarios: [2] http://www.w3.org/TR/xmlenc-core/#sec-Overview If it doesn't sufficiently explain how to encrypt an element or element content then we need to improve the spec. Protocol requirements and scenarios are best known by XP folks. (I expect my old cypherpunk imaginings are quite far removed from what people are doing with SOAP today!) For instance, from [1] does anyone in your community care about an anonymous remailer type service? From your understanding of the XP domain will people want to encrypt payloads only, headers, both? Do people want to recursively encrypt/process encrypted SOAP blobs? (For instance, a SOAP payload is an EncrypedData, after you decrypt it you have a complete SOAP message again in hand with its own header and payload?) We need people from communities with their applications requirements/scenarios in mind to then test those requirements/scenarios with our specified functionality. If anyone has scenarios or questions in mind please join and contribute to: www-xenc-xmlp-tf@w3.org . Subscribe: www-xenc-xmlp-tf-request@w3.org In Subject: (un)subscribe http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/ -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Wednesday, 19 December 2001 04:32:56 UTC