- From: David Orchard <david.orchard@bea.com>
- Date: Wed, 13 Feb 2002 15:42:47 -0800
- To: <reagle@w3.org>, "'xenc'" <xml-encryption@w3.org>, <www-xenc-xmlp-tf@w3.org>, <xml-dist-app@w3.org>
- Cc: <maruyama@jp.ibm.com>, <imamu@jp.ibm.com>
Hiroshi's example seems excellent to me. I note that the Header is actually in the SOAP-SEC namespace, and knows about encryption. Further the header block is the SOAP-SEC:Encryption element, so dispatch is possible based on either the element or the namespace. Finally, there is an explicit actor. And SOAP uses the actor to do dispatch. In reality, your example #4 is actually not really related to encryption. It's related to what the SOAP-SEC intermediary does. My concerns have been about the case where a vocabulary that knows nothing about encryption has a portion of an instance encrypted, and keeping the namespace name and root element of the vocabulary as if encryption didn't occur is "fibbing" about the namespace. Imagine if SOAP-SEC did NOT know about encryption, yet had encrypted content, how would a dispatcher know to decrypt content? This is also assuming there is no explicit soap actor. See my different message today on my proposal for an XMLE content-type and wording on documents containing XMLE content must provide meta-data if decryption is required. Cheers, Dave > -----Original Message----- > From: Joseph Reagle [mailto:reagle@w3.org] > Sent: Thursday, February 07, 2002 9:55 AM > To: David Orchard; 'xenc'; www-xenc-xmlp-tf@w3.org; > xml-dist-app@w3.org > Cc: maruyama@jp.ibm.com; imamu@jp.ibm.com > Subject: Re: XMLP/XMLE Use cases and processing models > > > As an aside, if you didn't note it earlier Hiroshi Maruyama > provided a > demonstration of the "option 4" I listed. > > On Wednesday 06 February 2002 11:57, Joseph Reagle wrote: > > 4. Meta-data is used to indicate the some of the data has > been encrypted. > > For instance, to make option 3 a little more flexible, one > could create a > > SOAP confidentiality header that indicates a decryptor actor with > > mustUnderstand="1". > > See the following for details: > http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Dec/0001.html > http://lists.w3.org/Archives/Public/www-xenc-xmlp-tf/2001Dec/0005.html > > -- > > Joseph Reagle Jr. http://www.w3.org/People/Reagle/ > W3C Policy Analyst mailto:reagle@w3.org > IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ > W3C XML Encryption Chair http://www.w3.org/Encryption/2001/ >
Received on Wednesday, 13 February 2002 18:47:19 UTC