Re: Encryption and the processing model

> > > I'm thinking that we need to require that the root element of each
> > > header block be unencrypted.  In other words, the header "name"
> > > and qualifiers (actor, mustUnderstand) MUST be visible.
> 
> I think that's too limiting. For example, a SET-like protocol where I
> encrypt my bank header such that your bank can see it, but you can't.
> 
> I'd rather see us solve the problem in the documentation.

I don't believe my suggestion prevents what you describe, as long as
you're not trying to hide the existence of the header, just its
value/content.

I'm also not very familiar with SET, so I don't know whether it has a
processing model that places visibility requirements on header names
and qualifiers, as SOAP does.

MB
-- 
Mark Baker, Chief Science Officer, Planetfred, Inc.
Ottawa, Ontario, CANADA.      mbaker@planetfred.com
http://www.markbaker.ca   http://www.planetfred.com

Received on Friday, 11 January 2002 09:24:50 UTC