- From: Mark Baker <distobj@acm.org>
- Date: Thu, 10 Jan 2002 21:01:00 -0500 (EST)
- To: david.orchard@bea.com (David Orchard)
- Cc: rsalz@zolera.com ('Rich Salz'), xml-dist-app@w3.org
> I'm not sure what the right way to design this would be. You could encrypt > the entire header element. Then when it's decrypted, whoever decrypted it > could see the actor, plus whatever else is in the header. Unless we allow > nested encryption, which makes my brain hurt even more. > > I see a rat's nest ahead as we tumble down the slippery slope. You and your slippery slopes. 8-) > I really believe we need more use cases on these various types. Oh wait, > I'm supposed to write use cases. Sure, those would help. I'm thinking that we need to require that the root element of each header block be unencrypted. In other words, the header "name" and qualifiers (actor, mustUnderstand) MUST be visible. But the header "value" (block content) should be able to be encrypted. I think this is the minimum that should be done to ensure that encryption doesn't mess with the processing model. MB -- Mark Baker, Chief Science Officer, Planetfred, Inc. Ottawa, Ontario, CANADA. mbaker@planetfred.com http://www.markbaker.ca http://www.planetfred.com
Received on Thursday, 10 January 2002 21:00:18 UTC