- From: Joseph Reagle <reagle@w3.org>
- Date: Fri, 16 Nov 2001 16:56:43 -0500
- To: "Takeshi Imamura" <IMAMU@jp.ibm.com>
- Cc: Eastlake <dee3@torque.pothole.com>, xenc <xml-encryption@w3.org>
On Monday 12 November 2001 02:43, Takeshi Imamura wrote: > >> >EncryptedKey, I forgot to move its text when I did that, but I fixed > >> > that in the last edit. > >> > >> Is the Type attribute also needed for the EncryptedKey element? I > >> could not find such a description in the spec. > > > >Yes, if the decrypted CipherData was a ds:KeyValue for instance, you > > would want to process it according to 4.2.4, right? > > Do you mean that you encrypt a ds:KeyValue element into an EncryptedKey > element with the Type Element? To my understanding, it is not allowed. Are you saything the following example with [000] inserted needs to be prevented? [t09] <EncryptedKey Id='EK' CarriedKeyName="John Doe" [t10] xmlns='http://www.w3.org/2001/04/xmlenc#' [000] Type='http://www.w3.org/2001/04/xmlenc#Element'> [t11] <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> [t12] <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> [t13] <ds:KeyName>John Smith</ds:KeyName> [t14] </ds:KeyInfo> [t15] <CipherData><CipherValue>xyzabc</CipherValue></CipherData> [t19] </EncryptedKey> [000] Is saying that when you decrypted the CipherValue, you can expect to find an XML element, perhaps a <ds:KeyValue>3ab3333</ds:KeyValue> > >> So should the implementation give a warning when a user is encrypting > >> a key with a nonce value and/or decrypting a key encrypted with a > >> nonce value? > > > >Why would a warning be necessary? (Warn of what?) I really don't see the > >processing (from an XML decryption point of view) of EncryptedData or > >EncryptedKey as very different. There both processed to get you the > >plain-data, the only different is that one has a little more "meta-data" > >about the EncryptedKey's plain-data, it's a key. > > A nonce cannot be used for encrypting a key, right? Yes. > So I just thought > that, if a user was trying to use a nonce for encrypting a key, it would > be helpful to warn the user of the illegal use of nonce. Our > implementation just ignores such a nonce, though. I fear I'm still not understanding the "illegal" use of nonce. Perhaps specific text proposal to the text would help me understand. > >> >> 3.5 > >> >> Because the URI attribute is optional, the behavior should be noted > >> >> when the attribute is omitted. > >> >> Transform and XPath elements in the example have to be prefixed > >> >> with "ds:". > >> > > >> >Do we have any reason why it should be optional? If so, we should > >> > defer to application context, if not, we should make it mandatory. > >> > >> I don't see any reason. > > > >Ok, ReferenceType URI is now optional. > > I'm sorry for confusing you. I meant that the URI attribute would be > mandatory. Oops, my mistake, it's now required [new revision: 1.72] and I added a URI to the example of section 3.5 . -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Friday, 16 November 2001 16:56:55 UTC