Re: Latest Rough Draft from Joseph M. Reagle Jr. on 2001-04-17 (xml-encryption@w3.org from April 2001)

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Tue, 17 Apr 2001 14:41:22 -0400
To: "Takeshi Imamura" <IMAMU@jp.ibm.com>
Cc: "XML Encryption WG " <xml-encryption@w3.org>
Message-Id: <4.3.2.7.2.20010417142503.032e8420@localhost>

At 19:06 4/16/2001 +0900, Takeshi Imamura wrote:
>2.1.3 Super-Encryption: Encrypting EncryptedData
> >A valid super-encryption of //EncryptedData/@Id='ED1' would be:
>This XPath would be "//EncryptedData[@Id='ED1']".

ok.

>3.2 The CipherData Element
> >       <choice>
> >         <element ref="ds:Transforms" minOccurs="0"/>
> >       </choice>
>Why <choice> is used here?

I'm not really sure, and this is broken in any case as the comment points 
out. We need another element and definition regardless: This isn't valid 
schema. We need a schema construct that has the content (or a child with the 
content) of CryptoBinary, *or* a set of transforms. -- Reagle/Dillaway."

>3.4 Extensions to enc:KeyInfo Element
>
> >1. The EncryptedData or EncryptedKey element specifies the associated key 
> material:
>The key value may be indicated by specifying the X509Data element for the
>corresponding public key.

I don't understand.

> >            <element name="EncryptedKey" minOccurs='0'/>
>The EncryptedKey element may occur zero or more times within a KeyInfo 
>element, so this would be:
><element ref='enc:EncryptedKey' minOccurs='0' maxOccurs='unbounded'/>

ok.

>3.4.2 The KeyRetrievalMethod Element
>
> >The KeyRetrievalMethod element provides a way to express a link from an 
> EncryptedData element to the EncryptedKey element containing the key used
>needed to decrypt it.
>Does this mean the KeyRetrievalMethod element must not occur within the
>KeyInfo element of an EncryptedKey element?

Not sure, I'll let someone else speak to the intent of this design.

>4.1 Encryption
>
> >2. If the data being encrypted is an external octet sequence, create an 
> EncryptedData structure referencing the encrypted data ...
>The EncryptedData structure may contain the encrypted data.

/+including or+/

__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Tuesday, 17 April 2001 14:42:29 UTC