- From: Frederick J. Hirsch <hirsch@zolera.com>
- Date: Tue, 27 Feb 2001 17:01:49 -0500 (EST)
- To: <xml-encryption@w3.org>
- Cc: <fjh@alum.mit.edu>
I have found the section on Non-nesting EncryptedData and EncryptedKey confusing (2.5) Regarding EncryptedData, I think it is clear that nested encryption operations are possible, that an element containing encrypted data may be subsequently encrypted. I think what the section says is that a subsequent encryption will include all the element content, and thus there will always only be one EncryptedData element, and the schema does not allow nesting of the elements. The reason is that the ciphertext always includes enclosed EncryptedData as part of the new ciphertext (it is all coalesced if you will). I am having trouble understanding why nested EncryptedKey elements is not allowed. An example is given where the key used to encrypt the first EncryptedKey is specified in a second EncryptedKey element. Why should they not be nested? Instead it looks like a URI pointer to another element is required, even though it makes sense for this scenario to include one in the another.
Received on Tuesday, 27 February 2001 17:27:54 UTC