- From: merlin <merlin@baltimore.ie>
- Date: Thu, 02 May 2002 01:24:33 +0100
- To: Ari Kermaier <arik@phaos.com>
- Cc: xml-encryption@w3.org
You're right, I think I'm blind. I'll try actually reading tomorrow.. merlin r/arik@phaos.com/2002.05.01/19:56:54 >I thought that XPath caveat was weird as well, but I believe the confusion >on wrapping is really just an infelicity of the language in the text. When >it says "wrap the decrypted octet stream" I think it really means "wrap the >octet stream resulting from decrypting and replacing e in X". (See >Takeshi's answer to my question in [1].) > >Under this reading, I think the following would hold for a signature over >"#foo": > ><Bar xmlns:baz="http://example.org/baz"> > <Foo xml:something="other" Id="foo"> > <enc:EncryptedData ...>...</enc:EncryptedData> > </Foo> ></Bar> > >Dereferencing, decrypting and replacing results in: > ><Foo xml:something="other" Id="foo"> > <plaintext /> > </Foo> > >Since <Bar>'s namespace is in scope for the first element of the input >node-set, <Foo>, parsing context C is {xmlns:baz="http://example.org/baz", >xml:something="other"}. So the result of wrapping would be: > ><dummy xmlns:baz="http://example.org/baz" xml:something="other"><Foo >xml:something="other" Id="foo"> > <plaintext /> > </Foo></dummy> > >Parsing, unwrapping and canonicalizing would result in: > ><Foo xmlns:baz="http://example.org/baz" xml:something="other" Id="foo"> > <plaintext /> > </Foo> > >If this is correct, my proposed text in [2] for decryptXML(X, e, C) and >decryptOctets(X, e) would be OK. Am I missing anything? > >[1] http://lists.w3.org/Archives/Public/xml-encryption/2002Apr/0119.html >[2] http://lists.w3.org/Archives/Public/xml-encryption/2002May/0002.html > > >Ari Kermaier arik@phaos.com >Senior Software Engineer >Phaos Technology Corp. http://www.phaos.com/ > ----------------------------------------------------------------------------- The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorised use, disclosure, copying or alteration of this message is strictly forbidden. Baltimore Technologies plc will not be liable for direct, special, indirect or consequential damages arising from alteration of the contents of this message by a third party or as a result of any virus being passed on. This footnote confirms that this email message has been swept for Content Security threats, including computer viruses. http://www.baltimore.com
Received on Wednesday, 1 May 2002 20:24:46 UTC