Re: Why is Except limited to local fragments?

[Merlin, question for you at the bottom.]

On Friday 22 March 2002 14:07, Takeshi Imamura wrote:
> necessary:
> >
> >$Revision: 1.36 $ on $Date: 2002/03/18 18:45:50 $ GMT by $Author: reagle
> > $
> >
> >o If an xenc:EncryptedData being decrypted is the first node in X, the
> >value of its Type attribute MUST NOT be &xenc;Content. This ensures the
> >result is always rooted by a single element.

Ok, reflected in: 
 $Revision: 1.37 $ on $Date: 2002/03/27 23:17:41 $ GMT by $Author: reagle $

> This ensures that if Type is Element, the result is a single-rooted
> node-set, and otherwise, the result is binary data.
> >If the xenc:EncryptedData is not the first node in X and its type is
> >neither &xenc;Element nor &xenc;Content, then it MUST be the only
> >xenc:EncryptedData in X not referenced by an Except element. This
> > prevents the mixed decryption of XML and non-XML data and restricts the
> > decryption transform to a single piece of binary data.
> Sorry, I don't understand this.  In this case, after decryption, how are
> nodes other than the EncryptedData element node and its descendant nodes
> treated?  Are they thrown away?  If yes, it seems strange to me.  I would
> like to propose the text like "If an xenc:EncryptedData element node
> being decrypted is not the first node in X, the value of its Type
> attribute MUST be &xenc;Element or &xenc;Content.  This ensures that the
> result is always a node-set."  How do you feel?

I find your text much simpler, however Merlin is the one that proposed the 
present text and wants to be able to pull a single chunk of binary data out 
of an XML document, so I'd like him to respond to your question.


Joseph Reagle Jr.       
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair
W3C XML Encryption Chair

Received on Wednesday, 27 March 2002 18:21:24 UTC