RE: Exactly how complex is Attribute Encryption from Joseph M. Reagle Jr. on 2001-02-22 (xml-encryption@w3.org from February 2001)

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Thu, 22 Feb 2001 18:32:16 -0500
To: Ed Simon <ed.simon@entrust.com>
Cc: Public XML Encryption List <xml-encryption@w3.org>
Message-Id: <4.3.2.7.2.20010222180728.02c4cda0@rpcp.mit.edu>

At 17:55 2/22/2001 -0500, Ed Simon wrote:
>    <EncryptedData Type="video/mpeg" Name="secret.mpg">
>       <CipherText URI="secret.enc"/>
>     </EncryptedData>
>
>in the <EncryptedDataManifest> tells the element processor that if needs 
>the data for "secret.mpg" then it will need to decrypt the ciphertext 
>located at "secret.enc".

I still find it confusing that the Name takes the value an attribute name 
*and* an attribute value. Seems to me that if we do attribute encryption, we 
shouldn't be "chasing links": we should only encrypt those things that are 
in the documents Infoset, meaning take the literal value and encrypt it 
regardless of whether its type is string or uriReference -- (to use 
"validating" terminology though we will likely be encrypting non-validating 
data too).

So, if you wanted to encrypt the mpeg and the attribute value:

  <video src="secret.mpeg" type="video/MPV" alt="secret footage">

(Note, it's the application that should be worrying about the MIME type at 
this point) the resulting syntax would be:

   <video src="secret.xml" type="text/xml" enc:EncryptedAttribute="#enc1">
     <EncryptedDataManifest xmlns="">
       <EncryptedData ID="enc1" Type="AttributeValue">
         <CipherText>AbCd...WxYz</CipherText>
       </EncryptedData>
     </EncryptedDataManifest>
    </video>

(Note, I changed the attribute from alt to enc:EncryptedAttribute).

And the mpeg has been encrypted as such:

     <EncryptedData Type="video/mpeg" Name="secret.mpg">
        <CipherText>...</Ciphertext>
      </EncryptedData>

An application will find this data, call the XML handler, which sees the enc 
namespace, and decrypts it appropriately.

I'm sure I'm still not completely grokking your proposal, but could you tell 
me if my proposal fails to me any of your requirements?

__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Thursday, 22 February 2001 18:32:22 UTC