RE: Encrypting entire documents in XML Proposal?

Sounds like we need a form of words somewhere in the spec to make this all
clear. It looks to me that the 'whole document' case must be tolerant of all
four possible cases. 
 
The easiest way to resolve all these inference issues would be to create a
set of documented test vectors.
 
        Phill

-----Original Message-----
From: Ed Simon [mailto:ed.simon@entrust.com]
Sent: Thursday, December 21, 2000 3:14 PM
To: 'xml-encryption@w3.org'
Subject: RE: Encrypting entire documents in XML Proposal?


Ultimately, every well-formed XML document has a prologue, just that some
have empty prologues.  An empty prologue is equivalent to the prologue 
"<?xml version="1.0" encoding="UTF-8"?>".
 
So the prologue of 
 
<EncryptedData...>
...
</EncryptedData>
 
indicates it is XML version 1.0 with a character encoding of UTF-8.
 
If <EncryptedData> contains an XML document with an empty prologue, the
prologue of that document indicates it is XML version 1.0 and has a
character encoding of "UTF-8".
 
Now in future years when possible XML versions 2.0, 3.0, and 3.5 come into
being, I expect empty prologues will only be found in "historical"
documents.  In other words, in the year 2525 when XML version 39.2 is
popular, empty prologues just won't be used in everyday business.  At a
minimum, the prologue will look like this
"<?xml version="39.2"?>" (if other attributes become mandatory then those
will be included too).
 
Certainly, nothing in XML Encryption should stop an application from
specifying a non-empty prologue on "<EncryptedData
Type="Document">...</EncryptedData>" and in some cases it may be necessary
to do so if non-UTF-8 encoded attribute values need to be specified.  In
addition to the XML declaration, I expect it would make sense to have the
Document Type Declaration, for XML Encryption, specified as well.
 
Ed

-----Original Message-----
From: Philip Hallam-Baker [mailto:pbaker@verisign.com]
Sent: Thursday, December 21, 2000 2:53 PM
To: 'Ed Simon'; 'xml-encryption@w3.org'
Subject: RE: Encrypting entire documents in XML Proposal?


The point at which confusion is likely to arise in implementations is
whether an 'entire XML document' encrypted should or should not have the
prologue under the encryption.
 
It is arguable that a 'whole document encrypted' should have two prologues.
The first would be for the encryption data, the second encrypted inside the
encryption data.
 
I doubt it will make a huge difference except to cause implementations to
fail to interoperate so it is important that the spec be very clear on the
choice made but probably not that important as to what is chosen.
 
 
Probably the way to make a choice on the matter is to consider whether an
XML2.0 document could be encrypted using an XML 1.0 encryption toolset...
argues for 2 prologues??
 
        Phill

-----Original Message-----
From: Ed Simon [mailto:ed.simon@entrust.com]
Sent: Thursday, December 21, 2000 2:04 PM
To: 'xml-encryption@w3.org'
Subject: RE: Encrypting entire documents in XML Proposal?



It is true that well-formed documents require a prologue but it is 
also true that the prologue may be empty.  In other words, 

<?xml version="1.0" encoding="UTF-16"?> 
<root> 
<a><b/></a> 
</root> 

is well-formed but so is 

<root> 
<a><b/></a> 
</root> 

In both cases, if encrypting the entire XML instance, one 
would end up with 

<EncryptedData Type="Document" 
               xmlns=".../xml/encryption"> 
... 
</EncryptedData> 

which is also a well-formed document which has an empty prologue and 
is therefore, by default, UTF-8 and version 1.0. 

A question which remains to be answered is whether this model 
stands the test of various character encodings.  I believe 
Hiroshi and Takeshi feel that various character encodings could 
cause problems (Hiroshi and Takeshi, please correct me if I 
misunderstand).  As for me, I expect that there could be a 
problem here, but I don't want to introduce a requirement for 
canonicalization unless I see proof of it.  

Ed 

-----Original Message----- 
From: Thane Plambeck [mailto:tplambeck@verisign.com] 
Sent: Thursday, December 21, 2000 12:57 PM 
To: 'xml-encryption@w3.org' 
Subject: FW: Encrypting entire documents in XML Proposal? 


In section 5.7 of this doc (encrypting an entire XML document) 
perhaps the prologue should not be encrypted?  At least we preserve 
well-formedness then for entire documents. 

I realize that encrypting just the root element and not the prologue 
is already covered by the case of encrypting an entire element. 
So I guess the question is, should XML Encryption really say anything 
about encrypting entire documents, including the prologue?  If it does 
then we are left with the consequence of XML Document encryption leaving 
us with non-well formed XML, which requires a prologue.  


Thane 

Thane Plambeck 
tplambeck@verisign.com 
http://www.verisign.com 
650 429 5247 direct, Mt View Office 
650 321 4884 home office 
650 323 4928 home office fax 



-----Original Message----- 
From: Blair Dillaway [mailto:blaird@microsoft.com] 
Sent: Friday, December 15, 2000 2:41 PM 
To: xml-encryption@w3.org 
Cc: Hiroshi Maruyama; Brian LaMacchia; Barb Fox; 'Ed Simon'; 'Takeshi 
Imamura'; jimsch@nwlink.com 
Subject: Proposal for XML Encryption Syntax and Processing 


We respectfully submit the attached specification 
as a suggested starting point for the XML Encryption Working 
Group effort.  This work builds on earlier papers and 
on-going discussions. 

We look forward to comments and continuing discussions 
to resolve the open issues identified in this document. 

Regards, 
Blair Dillaway, Barbara Fox, Takeshi Imamura, 
Brian LaMacchia, Hiroshi Maruyama, Jim Schaad, 
Ed Simon 

Received on Thursday, 21 December 2000 16:35:44 UTC
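
Added example, not part of the original thread or of the proposal: a sketch of the test vectors suggested in the top message, reading the "four possible cases" as outer prologue empty or declared, crossed with inner prologue empty or declared (an assumption; the thread does not enumerate them). The namespace, the SHA-256 keystream standing in for a real cipher, and the base64 text placed directly inside EncryptedData are constructed for illustration.

```python
import base64, hashlib
import xml.etree.ElementTree as ET

NS = "urn:example:placeholder-xmlenc"  # placeholder; the thread elides the real namespace

def keystream_xor(data: bytes, key: bytes) -> bytes:
    # Stand-in for a real cipher (SHA-256 counter keystream), NOT secure;
    # it only makes the inner octets opaque to the outer parser.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt_document(doc: bytes, key: bytes, outer_decl: str = "") -> bytes:
    # Encrypt the exact octets of the document, prologue (if any) included.
    body = base64.b64encode(keystream_xor(doc, key)).decode("ascii")
    xml = (f'{outer_decl}<EncryptedData Type="Document" xmlns="{NS}">'
           f'{body}</EncryptedData>')
    return xml.encode("utf-8")

def decrypt_document(wrapper: bytes, key: bytes) -> bytes:
    root = ET.fromstring(wrapper)
    if root.tag != f"{{{NS}}}EncryptedData" or root.get("Type") != "Document":
        raise ValueError("not a whole-document EncryptedData wrapper")
    return keystream_xor(base64.b64decode(root.text), key)

INNER_BODY = "<root><a>caf\u00e9</a></root>"  # constructed sample document
INNER = {
    "empty": INNER_BODY.encode("utf-8"),
    "utf16": ('<?xml version="1.0" encoding="UTF-16"?>' + INNER_BODY).encode("utf-16"),
}
OUTER = {"empty": "", "declared": '<?xml version="1.0" encoding="UTF-8"?>'}

def run_vectors(key: bytes = b"constructed test key"):
    results = {}
    for o_name, o_decl in OUTER.items():
        for i_name, inner in INNER.items():
            wrapper = encrypt_document(inner, key, o_decl)
            recovered = decrypt_document(wrapper, key)
            # The recovered octets are parsed as a document in their own right.
            text = ET.fromstring(recovered).find("a").text
            results[(o_name, i_name)] = (recovered == inner, text)
    return results

if __name__ == "__main__":
    for case, outcome in run_vectors().items():
        print(case, outcome)
```

In all four cases the inner document comes back octet for octet, so the plaintext is decoded from its own prologue and byte order mark rather than from the wrapper's.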