Re: Decryption Transform processing question from Joseph Reagle on 2002-05-30 (xml-encryption@w3.org from May 2002)

From: Joseph Reagle <reagle@w3.org>
Date: Thu, 30 May 2002 15:13:17 -0400
To: Ari Kermaier <arik@phaos.com>, merlin <merlin@baltimore.ie>
Cc: "Takeshi Imamura" <IMAMU@jp.ibm.com>, xml-encryption@w3.org
Message-Id: <20020530191317.0F899463@policy.w3.org>

On Thursday 30 May 2002 01:23 pm, Ari Kermaier wrote:
> I had not considered the sort of document structure that Merlin used to
> illustrate potential ambiguities arising from the processing rules.
> Merlin makes a good point on this subject -- I'm just not sure I
> understand his proposal for dealing with super-encrypted elements by
> using multiple DecryptTransform elements in the dsig:Reference.

Hrmm... Yes, I was advocating for layers/wrappings/peeling, but then again 
if someone adds a layer of super-encryption, the whole point of this  
transform is to create a signature that works regardless of encryptions 
done in the future (since that's impossible to know.) One can't go back and 
add a Transform to a Signature, you'd break it...

Received on Thursday, 30 May 2002 15:13:59 UTC