- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Fri, 11 Jan 2002 21:40:31 +0100
- To: reagle@w3.org, Takeshi Imamura <IMAMU@jp.ibm.com>
- Cc: xml-encryption@w3.org
>> > Algorithm URI) is sufficient: 1-to1. >> > 2.1 If it doesn't, one would specify the Algorithm and KeyStructure >> > distinctly. For example: >> > <EncryptedKey Type="someEncryptionAlgorithms128bitKey"> >> > <EncryptionMethod >> > Algorithm="&xenc;someEncryptionAlgorithm" /> >> >> I like this because there can be several ways to encode/represent a key >> for an algorithm. > > The Type attribute inheritted from EncryptedType can be used to further > specify the type of the encrypted key if the EncryptionMethod Algorithm > does not define a unambiguous encoding/representation. (Note, all the > algorithms in this specifications have an unambiguous representation for > their associated key structures. [Is this true? -JR]) Not completely, e.g. #kw-tripledes: "XML Encryption implementations MUST support TRIPLEDES wrapping of 168 bit keys and may optionally support TRIPLEDES wrapping of other keys. We allow "other" keys. Same for kw-aesxxx. But XML structured keys wouldn't be wrapped using SymmetricKeyWrap but by using BlockEncryptionAlgorithms, right? I mean from my 'feeling', SymmetricKeyWrap is for 'binary' keys while BlockEncryptionAlgorithms are for 'wrapping' XML structured keys. I think there are many possibilities. Christian
Received on Friday, 11 January 2002 15:40:09 UTC