- From: merlin <merlin@baltimore.ie>
- Date: Tue, 11 Sep 2001 11:24:51 +0100
- To: reagle@w3.org
- Cc: XML Encryption WG <xml-encryption@w3.org>
Just to clarify, my understanding of Amir's digest requirement is: . To create a document with multiple encrypted parts. . To include a digest of the plaintext part in each EncryptedData. . To compute a signature over these digests. The purpose of this is that you can validate the signature fully, and then selectively validate individual plaintexts depending on your needs. I would suggest that this requirement is satisfied by XML signature manifests and our decryption transform: . Create a document with multiple encrypted parts. . Create a manifest containing a reference to each EncryptedData processed by our decryption transform. . Create a signature over this manifest. This signature can be fully validated without exposing all the plaintext, and then manifest references can be selectively validated as needed. This seems to satisfy the requirement and it uses existing capabilities of the existing specs[*]. * Our decryption transform does not currently support non-XML ciphertext. Merlin r/reagle@w3.org/2001.09.10/14:42:46 > >http://www.w3.org/Encryption/2001/Minutes/010910-tele.html > ----------------------------------------------------------------------------- Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. In addition, certain Marketing collateral may be added from time to time to promote Baltimore Technologies products, services, Global e-Security or appearance at trade shows and conferences. This footnote confirms that this email message has been swept by Baltimore MIMEsweeper for Content Security threats, including computer viruses. http://www.baltimore.com
Received on Tuesday, 11 September 2001 06:25:36 UTC