
Re: xenc:EncryptedKey/@Type

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Fri, 11 Jan 2002 21:40:31 +0100
To: reagle@w3.org, Takeshi Imamura <IMAMU@jp.ibm.com>
Cc: xml-encryption@w3.org
Message-id: <1467916929.1010785231@[192.168.10.1]>
>> > Algorithm URI) is sufficient: 1-to1.
>> > 2.1 If it doesn't, one would specify the Algorithm and KeyStructure
>> > distinctly. For example:
>> > <EncryptedKey Type="someEncryptionAlgorithms128bitKey">
>> >    <EncryptionMethod
>> >         Algorithm="&xenc;someEncryptionAlgorithm" />
>>
>> I like this because there can be several ways to encode/represent a key
>> for an algorithm.
>
> The Type attribute inherited from EncryptedType can be used to further
> specify the type of the encrypted key if the EncryptionMethod Algorithm
> does not define an unambiguous encoding/representation. (Note, all the
> algorithms in this specification have an unambiguous representation for
> their associated key structures. [Is this true? -JR])

Not completely, e.g. #kw-tripledes:

  "XML Encryption implementations MUST support TRIPLEDES
   wrapping of 168 bit keys and may optionally support
   TRIPLEDES wrapping of other keys."

We allow "other" keys. Same for kw-aesxxx. But XML structured keys wouldn't
be wrapped using SymmetricKeyWrap but by using BlockEncryptionAlgorithms,
right? I mean from my 'feeling', SymmetricKeyWrap is for 'binary' keys while
BlockEncryptionAlgorithms are for 'wrapping' XML structured keys.

I think there are many possibilities.

Christian
Received on Friday, 11 January 2002 15:40:09 UTC
