- From: Joseph Reagle <reagle@w3.org>
- Date: Wed, 24 Oct 2001 15:16:58 -0400
- To: "Dournaee, Blake" <bdournaee@rsasecurity.com>, xml-encryption@w3.org
There used to be a "password key derivation" requirement. There was some confusion about it (which Jim clarified [1]) but there has yet to be a champion for the requirement with a compelling proposal for its specification. On Thursday 18 October 2001 16:27, Dournaee, Blake wrote: > It seems to me that XML Encryption does not have a facility to encrypt > RSA/DSA Private Keys using password-based encryption. E.g. There is no > replacement for what is currently a PKCS#8 "EncryptedPrivateKeyInfo" > structure (to use the ASN.1 terminology) > > Currently, there is no XML representation of such an encrypted construct, > which is very odd because this form of encrypted data is especially > "user-friendly" because it is unlocked with a password. > > Any ideas on this? Or perhaps it was decided against for some good > reason? -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Wednesday, 24 October 2001 15:17:03 UTC