- From: Frederick J. Hirsch <hirsch@caveosystems.com>
- Date: Mon, 22 Jan 2001 15:53:27 -0500
- To: <xml-encryption@w3.org>
I have questions/comments about XML encryption, regarding the draft XML Encryption Syntax and Processing, Version 1.0 15-December-2000.

1) Is the Initialization Vector (IV) in the Algorithm namespace? (Section 5.2) Is that what the s0 namespace is implying? Shouldn't the example read:

    <s0:IV xmlns:s0='urn:nist-gov:aes-128-cbc'>ABCD</s0:IV>

I'm not sure what I am missing, but an arbitrary namespace does not seem correct.

2) Section 2.5 on invalid nesting is still unclear to me. Are not the constraints implied in this section addressed by the schema definitions of EncryptedKey and EncryptedData in section 3.1? I'm not sure why one would want to define the EncryptedData element recursively. On the other hand, one would want to be able to encrypt elements which have already been encrypted, but from the discussion on this list that is allowed.

3) Is the motivation for a DataReference in an EncryptedKey EncryptionMethod element to allow a processing optimization for decryption of all the encrypted elements for that key?

4) If it is necessary to hide the content type (e.g. in the video example in section 5.8) then would the correct alternative be to encrypt the entire video element rather than just the referenced content?

5) Why not call the NameKey attribute "KeyName" in the EncryptedKey element? KeyName would be consistent with the KeyName element in the EncryptedData element.

thanks
< Frederick
Received on Monday, 22 January 2001 15:46:20 UTC