W3C home > Mailing lists > Public > xml-encryption@w3.org > May 2002

Encryption Subset Scenario

From: Dournaee, Blake <bdournaee@rsasecurity.com>
Date: Wed, 15 May 2002 12:35:44 -0700
Message-ID: <E7B6CB80230AD31185AD0008C7EBC4D202A1BF8F@exrsa01.rsa.com>
To: xml-encryption@w3.org
Cc: "Hammond, Ben" <bhammond@rsasecurity.com>
All -

Given an input Document D:

  <elem1> foo1 </elem1>
  <elem2> foo2 </elem2>
  <elem3> foo3 </elem3>

I want to encrypt just the first two child elements (<elem1> and <elem2>).
This doesn't appear to fit the definition of
Type='http://www.w3.org/2001/04/xmlenc#Element', which suggests a single
element, or Type='http://www.w3.org/20001/04/xmlenc#Content'
which suggests that all three elements must be encrypted (elem1, elem2 and

Choosing to treat the first two elements as arbitrary plaintext also seems
overkill, and if so, this ruins the XML semantics. I cannot
treat it as text/xml, because this document subset is not well-formed.
Treating it as text/plain looses all of the XML semantics.

The obvious solution is to create two <EncryptedData> elements, but this is
redundant. Another solution is an XPath transform, but this
doesn't exist for XML Encryption.

Am I missing something here? Is there an obvious solution to this? It seems
like a simple case that might have been overlooked. 


Blake Dournaee
Toolkit Applications Engineer
RSA Security
"The only thing I know is that I know nothing" - Socrates
Received on Wednesday, 15 May 2002 15:35:57 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:09 UTC