Re: XML Encryption, Requirements and design considerations

In [1] you mention under 2. Requirements - Flexibility of key delivery 
mechanism:

<snip>
The syntax of encrypted elements should be flexible in terms of the key 
exchange method. In particular, both out-of-band key exchange (no key 
materials embedded in the syntax) and certificate-based key exchange (the 
encryption key encrypted by recipient's public key is embedded in the 
syntax) must be supported.
</snip>

Besides
  - symmetric out-of-band and
  - certificate-based in-band,
there is a need for
  - symmetric in-band key distribution.

In the last XML example document ("Symmetric key encryption"), it would be 
useful to allow some kind of key identifier for a shared symmetric key 
and/or some other key management for symmetrically encrypted symmetric 
session keys:

<snip example="1">
   <xenc:Object Algorithm="DES"
                KeyID="http://www.company.com/keyIDs/#27813638176"
                IV="k0xDDAKBgNV=="
                Encoding="base64">
BASE64DATA...
   </xenc:Object>
</snip>

<snip example="2">
   <xenc:Object Algorithm="DES"
                KeyID="http://www.company.com/keyIDs/#27813638176"
                EncryptedSessionKey="k0xFFH56EeDAKBgNV=="
                IV="k0xDDAKBgNV=="
                Encoding="base64">
BASE64DATA...
   </xenc:Object>
</snip>




Regards,

Christian

--------

[1] http://lists.w3.org/Archives/Public/xml-encryption/2000Apr/att-0005/01-xmlenc.html

Received on Wednesday, 19 April 2000 10:28:38 UTC
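
The two proposed forms can be told apart by a recipient as sketched below. This is an added example, not part of the original message or of any XML Encryption draft. The namespace URI, the keystore, the mandatory IV, and the reading that `KeyID` in example 2 names the key wrapping `EncryptedSessionKey` are assumptions.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

XENC_NS = "urn:example:xenc"  # placeholder: the message declares no namespace URI
KEY_ID = "http://www.company.com/keyIDs/#27813638176"  # KeyID from the message

class KeyResolutionError(ValueError):
    """Raised when the key-delivery attributes cannot be trusted or resolved."""

def b64(raw):
    return base64.b64encode(raw).decode("ascii")

def make_object(**attrs):
    """Build a constructed xenc:Object sample (not real ciphertext)."""
    el = ET.Element(f"{{{XENC_NS}}}Object", attrs)
    el.text = b64(b"constructed ciphertext")
    return ET.tostring(el)

def _b64_attr(el, name, required):
    value = el.get(name)
    if value is None:
        if required:
            raise KeyResolutionError(f"missing {name}")
        return None
    try:
        return base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise KeyResolutionError(f"{name} is not valid base64") from exc

def resolve_key(xml_bytes, keystore):
    """Classify the key-delivery mode and look up the referenced key."""
    el = ET.fromstring(xml_bytes)  # constructed input; harden the parser for untrusted XML
    if el.tag != f"{{{XENC_NS}}}Object":
        raise KeyResolutionError("not an xenc:Object")
    iv = _b64_attr(el, "IV", required=True)  # assumption: IV is mandatory, as in both examples
    wrapped = _b64_attr(el, "EncryptedSessionKey", required=False)
    key_id = el.get("KeyID")
    if key_id is None:
        if wrapped is not None:  # a wrapped key is useless without its wrapping-key reference
            raise KeyResolutionError("EncryptedSessionKey without KeyID")
        return {"mode": "out-of-band", "key": None, "wrapped": None, "iv": iv}
    if key_id not in keystore:  # fail closed rather than guessing a key
        raise KeyResolutionError("unknown KeyID")
    mode = "wrapped-session-key" if wrapped is not None else "shared-key"
    return {"mode": mode, "key": keystore[key_id], "wrapped": wrapped, "iv": iv}

if __name__ == "__main__":
    store = {KEY_ID: bytes(8)}  # constructed 8-byte key
    print(resolve_key(make_object(Algorithm="DES", KeyID=KEY_ID, IV=b64(bytes(8))), store)["mode"])
```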