Re: An issue and a typo in Decryption Transform Oct 18th draft

On Wednesday 14 November 2001 10:40, Amir Herzberg wrote:
> First a small typo (in Oct. 18th draft - maybe fixed already): in
> section 1.1, `Purpose`, 1st paragraph:
> 	s/Two validate/To validate/

Hi Amir,

I think this is already fixed in the Editors' version:

> However, there is another solution: do not _sign_ the encrypted data in
> the first place. Namely, the transform could have a third operation
> which completely removes encrypted-then-signed elements, 

This is possible and achievable within the framework of xmldsig itself. One 
could write an XPath expression that removed the encrypted portions one 
does not want to sign. The original goal of *this* transform was not to 
address this problem, but the *time* dimension. (Ooh, sounds sci-fi! 
<smile/>) How does a signature creator who wishes to sign a document 
(including encrypted blobs or no encrypted blobs) indicate the state of the 
document *prior* to subsequent encryptions that he might have no knowledge 
or control over? Hence, a "decrypt all the blobs before validating me" 
transform. And of course, if he actually *wanted* to sign some encrypted 
blobs, he needs an "except these."

Consequently, if I understand properly, I think your functionality can be 
addressed, but I'm not sure if we should conjoin the two problems of 
partial signatures, and the time dimension in this spec.

> Please use from now my new e-mail:

(You might want to set your Reply-To: accordingly!)


Joseph Reagle Jr.       
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair
W3C XML Encryption Chair

Received on Thursday, 15 November 2001 12:29:38 UTC
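
The following is an added example, not part of the original message or of the draft. It contrasts the XPath-style filter that omits encrypted elements with a "decrypt all the blobs except these" step when a later party encrypts an element that was signed in plaintext. The sample document, the Ids `pre` and `post`, the base64 stand-in for encryption and all function names are assumptions made for illustration.

```python
import base64, hashlib
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
ENC = f"{{{XENC}}}EncryptedData"
# Constructed sample: "pre" was already an encrypted blob when the signer signed.
SIGNED = (
    '<order><item>book</item><card>4111</card>'
    f'<e:EncryptedData xmlns:e="{XENC}" Id="pre">b3BhcXVl</e:EncryptedData></order>')

def toy_encrypt(root, tag, enc_id):
    """Swap child <tag> for an EncryptedData placeholder (base64 stand-in, not real encryption)."""
    i, child = next((i, c) for i, c in enumerate(root) if c.tag == tag)
    blob = ET.Element(ENC, {"Id": enc_id})
    blob.text = base64.b64encode(ET.tostring(child)).decode()
    root[i] = blob

def decrypt_except(root, except_ids):
    """'Decrypt all the blobs before validating me', leaving the excepted Ids as ciphertext."""
    for parent in list(root.iter()):
        for i, child in enumerate(list(parent)):
            if child.tag == ENC and child.get("Id") not in except_ids:
                parent[i] = ET.fromstring(base64.b64decode(child.text))

def drop_encrypted(root):
    """XPath-style filter: omit every EncryptedData element from what is digested."""
    for parent in list(root.iter()):
        for child in [c for c in parent if c.tag == ENC]:
            parent.remove(child)

def digest(root):
    """SHA-256 over the C14N 2.0 form of the tree."""
    canon = ET.canonicalize(ET.tostring(root, encoding="unicode"))
    return hashlib.sha256(canon.encode()).hexdigest()

def demo():
    """Return (xpath_filter_still_validates, decrypt_except_still_validates)."""
    filtered = ET.fromstring(SIGNED)
    drop_encrypted(filtered)
    signed_xpath, signed_full = digest(filtered), digest(ET.fromstring(SIGNED))
    later = ET.fromstring(SIGNED)  # after signing, someone else encrypts <card>
    toy_encrypt(later, "card", "post")
    via_xpath, via_decrypt = (ET.fromstring(ET.tostring(later)) for _ in range(2))
    drop_encrypted(via_xpath)
    decrypt_except(via_decrypt, {"pre"})
    return digest(via_xpath) == signed_xpath, digest(via_decrypt) == signed_full

if __name__ == "__main__":
    print(demo())
```

The filter drops the newly encrypted `card` along with `pre`, so its digest no longer matches the one taken at signing time, while decrypting everything except `pre` reproduces the signed state.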