Re: Requirements and Goals for the Design of an 'XML Encryption Standard'

At 10:00 11/14/2000 +0100, Christian Geuer-Pollmann wrote:
>Wouldn't transforms make sense? At the workshop, there was the diecussion 
>about c14n and compression, which read (if I understood it right):
>* If you want to c14n you instances before encryption - do so!

There is a desire that c14n not change the Infoset of the encrypted XML, yes 
the serialization might be a little different after decryption but that 
doesn't matter as it does in Signature. I think the question of whether 
Canonical XML meets this desire is still ~slightly~ open (schema and 
internal subset issues), but I think it's in everyone interest for this not 
to be the case (and if Canonical XML doesn't provide this a priori for all 
XML instances, if you construct your XML instance appropriately, it will.)

>* If you want to compress you instances before encryption - do so!

People didn't seem keen on compression.

>but how do we indicate what we did if we don't have a list of 
>transformations? This would make the "compression or not" discussion 
>obsolete, because the application could choose.

I was just asking really. I haven't seen a super strong use case on one 
hand, but on the other hand most of the work is already done by Signature 
(but do we still want to include transform capability in this spec?)

Joseph Reagle Jr.
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair

Received on Tuesday, 14 November 2000 13:14:51 UTC