Re: Fwd: Re: Minutes of 011119-tele from Joseph Reagle on 2001-12-10 (xml-encryption@w3.org from December 2001)

From: Joseph Reagle <reagle@w3.org>
Date: Mon, 10 Dec 2001 15:07:58 -0500
To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Cc: XML Encryption WG <xml-encryption@w3.org>
Message-Id: <20011210200758.C95BE2A@policy.w3.org>

On Monday 10 December 2001 07:13, Christian Geuer-Pollmann wrote:
> I would add the following as a note to section 4.1 bullet 5.1:
>
> <EXISTING_TEXT>The application MAY use this as the top-level element in a
> new XML document or insert it into another XML document. </EXISTING_TEXT>
>
> <P>Note: If the <CODE>EncryptedData</CODE> element is used as the root
> element of a new document, the <STRONG>encryptor</STRONG> MUST ensure
> that the Type is not element '<A
> href="http://www.w3.org/TR/2000/REC-xml-20001006#NT-content">content</A>'
>. Otherwise <A
> HREF="http://www.w3.org/TR/2000/REC-xml-20001006#dt-wellformed">well-form
>ed ness</A> would be broken after decryption. </P>

Thanks! But I'm not sure if I agree with that. The spec says, "Type is an 
optional attribute identifying type information about the plaintext form of 
the encrypted content." And I think the intent was to add a warning, not a 
conformance requirement. I think we intended something closer to:

  (Note: If the EncryptedData element is used as the root element of a 
  new document and its Type is 'content' the plaintext resulting 
  from decryption will not be well-formed.)

> First of all, in "section 3.1" and "section 4.1 point 3.1" a quote is
> (probably) wrong:
>
> 'element' or element 'content'
> should be
> 'element' or 'element content'

I use this convention because the two identifiers are:
 'http://www.w3.org/2001/04/xmlenc#Element'
 'http://www.w3.org/2001/04/xmlenc#Content'
but if I just said 'Content' the course of a paragraph, people might 
wonder, content of what?

> In "section 4.1 point 3.1", the last sentence is correct but reads a
> little bit bad. I would end the sentence: "If the encryptor does not
> serialize, then the application MUST perform the serialization."

Ok.

-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Monday, 10 December 2001 15:08:00 UTC