- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 30 May 2002 15:33:47 -0400
- To: merlin <merlin@baltimore.ie>
- Cc: xml-encryption@w3.org

On Thursday 30 May 2002 03:06 pm, merlin wrote:
> By "perform the decryption and processing as defined by
> that Type", do you mean that the definition of the Type must
> specify how it is used by the decryption transform, that the
> processing step will identify whether or not the result is
> UTF-8 encoded XML data, or that processing according to a
> Type attribute will always produce UTF-8 encoded XML data?

The first. The octets could be anything, a serialized representation of an Infoset item, a pickled Python DOM node, compressed data, etc.

Type is an optional attribute identifying type information about the plaintext form of the encrypted content. While optional, this specification takes advantage of it for mandatory processing described in Processing Rules: Decryption (section 4.2). If the EncryptedData element contains data of Type 'element' or element 'content', and replaces that data in an XML document context, it is strongly recommended the Type attribute be provided. Without this information, the decryptor will be unable to automatically restore the XML document to its original cleartext form.

...

The definition of this type as bound to an identifier specifies how to obtain and interpret the plaintext octets after decryption. For example, the identifier could indicate that the data is an instance of another application (e.g., some XML compression application) that must be further processed. Or, if the data is a simple octet sequence it MAY be described with the MimeType and Encoding attributes. For example, the data might be an XML document ...

4.3 XML Encryption

Encryption and decryption operations are transforms on octets. The application is responsible for the marshalling XML such that it can be serialized into an octet sequence, encrypted, decrypted, and be of use to the recipient.

For example, if the application wishes to canonicalize its data or encode/compress the data in an XML packaging format, the application needs to marshal the XML accordingly and identify the resulting type via the EncryptedData Type attribute. The likelihood of successful decryption and subsequent processing will be dependent on the recipient's support for the given type. Also, if the data is intended to be processed both before encryption and after decryption (e.g., XML Signature [XML-DSIG] validation or an XSLT transform) the encrypting application must be careful to preserve information necessary for that process's success.

For interoperability purposes, the following types MUST be implemented.

element 'http://www.w3.org/2001/04/xmlenc#Element'
"[39] element ::= EmptyElemTag | STag content ETag" [XML]

content 'http://www.w3.org/2001/04/xmlenc#Content'
"[43] content ::= CharData? ((element | Reference | CDSect | PI | Comment) CharData?)*" [XML]

Received on Thursday, 30 May 2002 15:34:27 UTC
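
An added example, not part of the original message or of the specification text it quotes: a sketch of how a decryptor could act on the Type attribute, splicing plaintext of the two mandatory types back into the document and handing any other type back to the application as octets. The function name `restore` is hypothetical, decryption is assumed to have already produced the plaintext octets, and namespace declarations inherited from the parent are not re-supplied to the parser.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
ELEMENT, CONTENT = XENC + "Element", XENC + "Content"

def restore(parent, enc, plaintext):
    """Hypothetical helper: replace `enc`, an EncryptedData child of `parent`,
    with its already-decrypted octets. Returns None once spliced, or the raw
    octets when Type is absent or not one of the two mandatory types."""
    typ = enc.get("Type")
    if typ not in (ELEMENT, CONTENT):
        return plaintext                    # application decides what these are
    text = plaintext.decode("utf-8")        # UnicodeDecodeError if not UTF-8
    # Parsing inside a wrapper accepts the 'content' production and rejects
    # an XML declaration, a DOCTYPE, or a premature close tag (ParseError).
    wrapper = ET.fromstring("<w>" + text + "</w>")
    kids = list(wrapper)
    if typ == ELEMENT and (len(kids) != 1 or wrapper.text or kids[0].tail):
        raise ValueError("Type is Element but plaintext is not one element")
    idx = list(parent).index(enc)
    lead, trail = wrapper.text or "", enc.tail or ""
    parent.remove(enc)
    if kids:
        kids[-1].tail = (kids[-1].tail or "") + trail
    else:
        lead += trail
    if lead and idx == 0:
        parent.text = (parent.text or "") + lead
    elif lead:
        prev = parent[idx - 1]
        prev.tail = (prev.tail or "") + lead
    for offset, kid in enumerate(kids):
        parent.insert(idx + offset, kid)
    return None
```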