Re: Last call comments on XML Encryption specs

Hello John,

Yes, you got it right. It's about the only way to do things,
given that we cannot change existing XML transcoders
(not the least because it is impossible to transcode something
that is already encrypted). Please also note that in many
scenarios, the encrypter will transcode from the entity
encoding to some Unicode-based encoding for internal
processing anyway.

Regards,   Martin.

At 17:07 02/01/09 -0500, John Cowan wrote:
>Joseph Reagle wrote:
>
>
>>I'm not quite sure I undersatnd this. A partially encrypted XML document 
>>is XML. It's XML that has a few xenc:EncryptedData elements. Those 
>>elements include characters in CipherValue that represent octets (which 
>>are the encrypted form of something else which I will return too) as 
>>encoded by base64Binary.
>
>
>Okay, I grasp that.  The transcoder can be a general XML transcoder,
>then; it does not need to treat EncryptedData elements specially,
>only the XML declaration.
>
>
>>Now, what is the nature of this data that has been encrypted: the 
>>plaintext? It is an octect sequence that represents in UTF-8 the 
>>characters resulting from serializing some part of an XML document. This 
>>XML fragment (the part of the original source XML that is to be 
>>encrypted) might not be well-formed in a few instances.
>
>
>So I was right in saying that, in the general case, the decrypter must
>be able to transcode from UTF-8 to the entity encoding, and a fortiori
>the encrypter must be able to transcode from the entity encoding
>to UTF-8 (unless that has already been done by the XML parser).
>
>--
>Not to perambulate             || John Cowan <jcowan@reutershealth.com>
>    the corridors               || http://www.reutershealth.com
>during the hours of repose     || http://www.ccil.org/~cowan
>    in the boots of ascension.  \\ Sign in Austrian ski-resort hotel

Received on Wednesday, 9 January 2002 20:22:15 UTC