W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2001

Re: Integrity Checking Requirement was -> RE: HW Support and XML Enc ryption Requirements

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Mon, 26 Feb 2001 10:11:38 -0500
Message-Id: <>
To: Mike Wray <mjw@hplb.hpl.hp.com>, Paul.Lambert@cosinecom.com
Cc: xml-encryption@w3.org, <jimsch5@home.com>, <pbaker@verisign.com>
At 09:31 2/26/2001 -0500, Mike Wray wrote:
> > # On Integrity Checking
> >
> >I propose that "integrity" requirements be added:
> >
> >x. The specification must provide mechanisms to check the integrity of
> >decrypted data.  Mandatory to implement algorithms should include integrity
> >check mechanisms.

Well, we its now clear we need a requirement one way or the other as this 
has come up in the past, most recently on January 8th [1]. Philip 
Hallam-Baker [2] and Jim Schaad [3] opposed this requirement for the reasons 
in the referenced thread. Could you speak to the points they raised? This 
issue is not captured in the requirements document [4].

[1] http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0011.html
[2] http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0014.html
[3] http://lists.w3.org/Archives/Public/xml-encryption/2001Jan/0059.html
[4] http://www.w3.org/Encryption/2001/01/23-xml-encryption-req#req-integrity

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Monday, 26 February 2001 10:13:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:02 UTC