PlainText/PlainData and its digest

I'd like to add an optional element called PlainData for including the
plaintext (in EncryptedType). By having such a tag, there is a simple
interface for indicating which data needs to be encrypted - you simply put
it (or a reference to it) in the PlainData. The processing will encrypt the
contents, put it in CipherData element, and remove the plaintext from the
PlainData element (or the entire PlainData element). 

The PlainData element will also have a DigestMethod and DigestValue optional
element. This would be used to include a hash of the plaintext (as discussed
on the list). Right now there are DigestMethod and DigestValue elements to
CipherData; I think as it currently stands, it is not quite clear if this is
a digest (hash) of the ciphertext or of the plaintext, and anyway we may
need both of them. 

The PlainData element may envelop the actual plaintext (using ds:Object or
reference - I don't think we need cryptobinary option here). 

Suggested syntax: 

A. Add definition of PlainData, much like existing CipherData:
<element name='PlainData' type='enc:PlainDataType'/>
<complexType name='PlainDataType'>
  <sequence>
    <choice>
      <element name='PlainReference' type='enc:PlainReferenceType'/>
      <element ref='ds:Object'/>
    </choice>
    <sequence minOccurs='0'>
      <element ref='ds:DigestMethod'/>
      <element ref='ds:DigestValue'/>
    </sequence>
  </sequence>
</complexType>
<!-- A type that carries an attribute must be a complexType -->
<complexType name='PlainReferenceType'>
  <attribute name='Ref' type='anyURI' use='required'/>
</complexType>

B. Changes to EncryptedType: 
1. make CipherData optional:
change <element ref='enc:CipherData'/> to
<element ref='enc:CipherData' minOccurs='0'/>
2. Add optional PlainData element: 
<element ref='enc:PlainData' minOccurs='0'/>

p.s. apologies, I'll be on a plane during today's call so I can't join. Next
time...

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc.  
http://www.newgenpay.com/Amir/Herzberg.htm
SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il

Received on Monday, 11 June 2001 05:33:37 UTC
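
The processing described in the message above (encrypt the enveloped plaintext, put the result in CipherData, keep a digest of the plaintext in PlainData), as an added example that is not part of the original message or of any specification text. PlainData is the element proposed in the message; the function names, the constructed sample document, the choice of SHA-256 and the caller-supplied encrypt/decrypt callables are assumptions, and only the case of text inside ds:Object is handled.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET
from typing import Callable

ENC = "http://www.w3.org/2001/04/xmlenc#"  # XML Encryption namespace
DS = "http://www.w3.org/2000/09/xmldsig#"  # XML Signature namespace
SHA256 = ENC + "sha256"                    # DigestMethod algorithm URI

# Constructed sample: EncryptedData carrying only the proposed PlainData.
SAMPLE = f"""<enc:EncryptedData xmlns:enc="{ENC}" xmlns:ds="{DS}">
  <enc:PlainData><ds:Object>PIN=4821</ds:Object></enc:PlainData>
</enc:EncryptedData>"""


def seal(doc: str, encrypt: Callable[[bytes], bytes]) -> ET.Element:
    """Encrypt the enveloped plaintext; leave only its digest in PlainData."""
    root = ET.fromstring(doc)
    plain = root.find(f"{{{ENC}}}PlainData")
    obj = None if plain is None else plain.find(f"{{{DS}}}Object")
    if obj is None:
        raise ValueError("no enveloped PlainData/ds:Object to encrypt")
    data = (obj.text or "").encode("utf-8")
    plain.remove(obj)  # the plaintext must not survive in the output
    ET.SubElement(plain, f"{{{DS}}}DigestMethod", Algorithm=SHA256)
    digest = ET.SubElement(plain, f"{{{DS}}}DigestValue")
    digest.text = base64.b64encode(hashlib.sha256(data).digest()).decode()
    cipher = ET.SubElement(root, f"{{{ENC}}}CipherData")
    value = ET.SubElement(cipher, f"{{{ENC}}}CipherValue")
    value.text = base64.b64encode(encrypt(data)).decode()
    return root


def open_checked(root: ET.Element, decrypt: Callable[[bytes], bytes]) -> bytes:
    """Decrypt CipherValue, then verify it against PlainData/DigestValue."""
    value = root.find(f"{{{ENC}}}CipherData/{{{ENC}}}CipherValue")
    digest = root.find(f"{{{ENC}}}PlainData/{{{DS}}}DigestValue")
    if value is None or digest is None:
        raise ValueError("CipherValue or plaintext DigestValue missing")
    data = decrypt(base64.b64decode(value.text))
    expected = base64.b64decode(digest.text)
    if not hmac.compare_digest(hashlib.sha256(data).digest(), expected):
        raise ValueError("plaintext digest mismatch")
    return data
```

A plaintext digest that travels unencrypted lets anyone who can guess a low-entropy plaintext confirm the guess by hashing it, so the field fits only data that is not guessable.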