- From: Jiandong Guo <jguo@phaos.com>
- Date: Thu, 16 May 2002 10:17:52 -0400
- To: "Dournaee, Blake" <bdournaee@rsasecurity.com>
- CC: xml-encryption@w3.org, "Hammond, Ben" <bhammond@rsasecurity.com>, edsimom@xmlsec.com
"Dournaee, Blake" wrote: > All - > > Given an input Document D: > > <doc> > <elem1> foo1 </elem1> > <elem2> foo2 </elem2> > <elem3> foo3 </elem3> > </doc> > > I want to encrypt just the first two child elements (<elem1> and <elem2>). > This doesn't appear to fit the definition of > Type='http://www.w3.org/2001/04/xmlenc#Element', which suggests a single > element, or Type='http://www.w3.org/20001/04/xmlenc#Content' > which suggests that all three elements must be encrypted (elem1, elem2 and > elem3). > > Choosing to treat the first two elements as arbitrary plaintext also seems > overkill, and if so, this ruins the XML semantics. I cannot > treat it as text/xml, because this document subset is not well-formed. > Treating it as text/plain looses all of the XML semantics. > > The obvious solution is to create two <EncryptedData> elements, but this is > redundant. Another solution is an XPath transform, but this > doesn't exist for XML Encryption. > > Am I missing something here? Is there an obvious solution to this? It seems > like a simple case that might have been overlooked. If you want to encrypt two elements in one EncryptedData, the question is that how do you handle the "replace" process in encryption and later in decryption, considering there could have other nodes (text nodes or other elements) between these two elements? ----------------------------------------- Jiandong Guo Phaos Technology www.phaos.com
Received on Thursday, 16 May 2002 10:13:57 UTC