- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Fri, 06 Apr 2001 17:47:54 -0400
- To: "Blair Dillaway" <blaird@microsoft.com>
- Cc: <jimsch@exmsft.com>, "XML Encryption WG " <xml-encryption@w3.org>
At 14:23 4/6/2001 -0700, Blair Dillaway wrote:
>Well no. Either you know the EncryptionMethod for the EncryptedKey
>implicitly
>or else it is provided by the EncryptionMethod element within the
>EncryptedKey element. EncryptionMethod information for an EncryptedData
>isn't relevant.
Yes it is. (I think). If I want to know of what type of data that raw octet
set (when decrypted from within an EncryptedKey is), I have to go elsewhere.
I now realize were my confusion from this and NameKey is coming from.
If I have an EncryptedData that is relying upon and EncryptedKey, consider
the symmetric key secured in that EncryptedKey. That set of octets has some
properties.
(octets)
--name--> NameKey element of the parent EncryptedKey
--type--> EncryptionMethod of a referring EncryptedData
The tricky bit is when you look at the proposed structures, some of the
elements/attributes (like KeyInfo) are used to convey information about that
data object (EncryptedData and EncryptedKey) and others are used to convey
information about a resource to which to they relate (but doesn't become
revealed until they are processed.)
__
Joseph Reagle Jr. http://www.w3.org/People/Reagle/
W3C Policy Analyst mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature
W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Friday, 6 April 2001 17:48:07 UTC