decrypt transform processing rules from Ari Kermaier on 2002-09-24 (xml-encryption@w3.org from September 2002)

From: Ari Kermaier <arik@phaos.com>
Date: Tue, 24 Sep 2002 19:36:37 -0400
To: "W3C XML-ENC WG List" <xml-encryption@w3.org>
Message-ID: <00c001c26423$3990a950$3401a8c0@phaosarik>

Dear All,

It seems to me that it should be possible to eliminate the canonicalization
and re-parsing of the result node-set in the decryptXML(N,E) function as
described in [1]. Since the decryptNodeSet(N,E) function already mandates
serialize/wrap/parse/unwrap for each replacement node-set, why not perform
the namespace and inherited "xml:" attribute augmentations at that point?
Then decryptXML(N,E) could simply replace the EncryptedData elements with
their corresponding replacement node-sets and return the result node-set.
Since the XML Signature reference processing rules will end up applying C14N
to the node-set anyway if needed, the extra serialization and re-parsing at
the end of the decrypt transform would seem to be a waste. Is there another
desirable effect of this canonicalization that I'm not seeing?

[1]
http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt.html#sec-xml-process
ing

Ari Kermaier

Received on Tuesday, 24 September 2002 19:38:00 UTC