proposed Nonce attribute

I guess this would go somewhere in/under section 3.2. By the way, the
current reference in 3.2 to 5.6 should, I think, be to 5.7.

If the plain text which has been encrypted does not have a large
number of values, the presence of DigestValue may enable a dictionary
attack. Thus care should be taken, when the DigestMethod and
DigestValue element are present, that the plain text has sufficint
entropy to avoid this. In cases where the plain text is XML, the
enc:Nonce attribute is provided. It has no semantic effect but
provides a convenient way to salt the plain text XML being encrypted,
when permitted by that XML's DTD/Schema. For example,

<PlainTextElement enc:Nonce="salt 39ncyhqw833gybhrpoasyd"

 Donald E. Eastlake 3rd            
 155 Beaver Street                                +1 508-634-2066(h)
 Milford, MA 01757 USA                            +1 508-261-5434(w)

Received on Tuesday, 3 July 2001 10:03:42 UTC