- From: Takeshi Imamura <IMAMU@jp.ibm.com>
- Date: Wed, 18 Apr 2001 12:50:47 +0900
- To: "Joseph M. Reagle Jr." <reagle@w3.org>
- Cc: "XML Encryption WG " <xml-encryption@w3.org>
Joseph,

>>3.4 Extensions to enc:KeyInfo Element
>>
>> >1. The EncryptedData or EncryptedKey element specifies the associated key
>> material:
>>The key value may be indicated by specifying the X509Data element for the
>>corresponding public key.
>
>I don't understand.

Suppose Alice is delivering key material to Bob using key transport. If Alice uses Bob's public key in his X.509 certificate, an X509Data element for the certificate may be used for referencing the corresponding private key. So an EncryptedData element would be:

  <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'>
    <EncryptionMethod Algorithm='urn:nist-gov:aes-128-cbc'/>
    <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
      <EncryptedKey xmlns='http://www.w3.org/2001/04/xmlenc#'>
        <EncryptionMethod Algorithm='urn:rsadsi-com:rsa-v2.0'/>
        <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
          <X509Data>
            <X509SubjectName>CN=Bob,C=US</X509SubjectName>
          </X509Data>
        </KeyInfo>
        <CipherData>(encrypted key material)</CipherData>
      </EncryptedKey>
    </KeyInfo>
    <CipherData>(encrypted data)</CipherData>
  </EncryptedData>

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com
Received on Tuesday, 17 April 2001 23:51:07 UTC
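
The structure in the message above, read from the recipient's side: an added example (not part of the original message or of any XML Encryption implementation) that walks the nested KeyInfo, pulls out the X509SubjectName, and uses it to pick the private key that unwraps the EncryptedKey. The keystore mapping, the function names and the simplified DN comparison are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"
NS = {"enc": ENC, "ds": DSIG}

# Constructed sample following the message's layout; CipherData contents are placeholders.
SAMPLE = """<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'>
  <EncryptionMethod Algorithm='urn:nist-gov:aes-128-cbc'/>
  <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
    <EncryptedKey xmlns='http://www.w3.org/2001/04/xmlenc#'>
      <EncryptionMethod Algorithm='urn:rsadsi-com:rsa-v2.0'/>
      <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
        <X509Data><X509SubjectName>CN=Bob,C=US</X509SubjectName></X509Data>
      </KeyInfo>
      <CipherData>(encrypted key material)</CipherData>
    </EncryptedKey>
  </KeyInfo>
  <CipherData>(encrypted data)</CipherData>
</EncryptedData>"""

def normalize_dn(dn):
    # Simplified comparison form (assumption: no escaped commas or multi-valued RDNs).
    pairs = (rdn.strip().partition("=") for rdn in dn.split(","))
    return tuple((a.strip().upper(), v.strip()) for a, _, v in pairs)

def describe_key_transport(xml_text):
    """Return (data_alg, key_alg, recipient_subject) for a nested EncryptedKey."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{ENC}}}EncryptedData":
        raise ValueError("not an xmlenc EncryptedData element")
    data_alg = root.find("enc:EncryptionMethod", NS).get("Algorithm")
    wrapped = root.find("ds:KeyInfo/enc:EncryptedKey", NS)
    if wrapped is None:
        raise ValueError("no EncryptedKey inside KeyInfo")
    key_alg = wrapped.find("enc:EncryptionMethod", NS).get("Algorithm")
    subject = wrapped.findtext("ds:KeyInfo/ds:X509Data/ds:X509SubjectName", namespaces=NS)
    if subject is None:
        raise ValueError("EncryptedKey does not name a recipient certificate")
    return data_alg, key_alg, subject.strip()

def select_private_key(xml_text, keystore):
    """keystore maps certificate subject DN -> private-key handle (hypothetical)."""
    _, _, subject = describe_key_transport(xml_text)
    wanted = normalize_dn(subject)
    matches = [h for dn, h in keystore.items() if normalize_dn(dn) == wanted]
    if len(matches) != 1:
        raise LookupError(f"{len(matches)} keys match subject {subject!r}")
    return matches[0]
```

The subject name only selects which private key to try; it is sender-supplied and unauthenticated, so a successful match says nothing about who produced the message.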