- From: Rich Salz <rsalz@zolera.com>
- Date: Fri, 03 Aug 2001 00:11:13 -0400
- To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
- CC: xml-encryption@w3.org
> Maybe I've missed something, but I think my proposal is about the best > we can do with XML. About the only alternative is to add an attribute > or parameter to EncryptionMethod which is how many bits to throw away > from the front of the "plain text" to get the real plain text. I.E., > prefix the data octets with a nonce. Then I think we'll have to go that way. Or place a bet that the SOAP 1.1 spec will remove the PI prohibition. Or say XML-ENC can't be used to encrypt SOAP messages. An attribute/param seems the safest. /r$ -- Zolera Systems, Securing web services (XML, SOAP, Signatures, Encryption) http://www.zolera.com
Received on Friday, 3 August 2001 00:10:00 UTC