- From: Takeshi Imamura <IMAMU@jp.ibm.com>
- Date: Mon, 7 Jan 2002 19:38:45 +0900
- To: reagle@w3.org
- Cc: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, xml-encryption@w3.org
Joseph, >3. Prohibit XML structures as the plaintext within EncryptedKey. I think >Takeshi has already suggested this when I asked him how to Encrypt ><ds:KeyValue/>, he said it should be Encrypted as a EncryptedData. This >acknowledged that all key formats are binary today, and that they will >likely be so in the future. This makes sense when one considers key wraps >and such, but might preclude XML formats in the future...? My intention was to prohibit encrypting an XML structure containing a key, which is a part of an XML document, into an EncryptedKey element, not to prohibit encoding a key in XML and then encrypting it as binary into an EncryptedKey element. I believe a key can be encoded in ASN.1, XML, and so on. >2. I'm proposing that the Algorithm *can* have a specific/deterministic >structure, in which case one could: >a. repeat the same (Encryption Method Algorithm URI) in the (EncryptedKey >Type) . >b. if the (EncryptedKey Type) isn't specified assume the (Encryption Method >Algorithm URI) is sufficient: 1-to1. >2.1 If it doesn't, one would specify the Algorithm and KeyStructure >distinctly. For example: ><EncryptedKey Type="someEncryptionAlgorithms128bitKey"> > <EncryptionMethod > Algorithm="&xenc;someEncryptionAlgorithm" /> I like this because there can be several ways to encode/represent a key for an algorithm. Thanks, Takeshi IMAMURA Tokyo Research Laboratory IBM Research imamu@jp.ibm.com
Received on Monday, 7 January 2002 05:39:05 UTC