New Encryption and Decryption drafts
20:48, 26 Jun 2001 UTC | Simon St.Laurent

The W3C released initial drafts of XML Encryption Syntax and Processing and Decryption Transform for XML Signature.

The XML Encryption work:

"specifies a process for encrypting data and representing the result in XML. The data may be arbitrary data (including an XML document), an XML element, or XML element content. The result of encrypting data is an XML Encryption EncryptedData element which contains (via one of its children's content) or identifies (via a URI reference) the cipher data. When encrypting an XML element or element content the EncryptedData element replaces the element or content (respectively) in the encrypted version of the XML document."

The Decryption Transform for XML Signature takes on an issue deriving from the Encryption work, but with a more limited focus:

"It has been noted... that both signature [XML-Signature] and encryption [XML-Encryption] operations may be performed on an XML document at any time and in any order, especially in scenarios such as workflow.... Since encryption operations applied to part of the signed content after a signature operation cause a signature not to be verifiable, it is necessary to decrypt the portions encrypted after signing before the signature is verified. The "decryption transform" proposed in this document provides a mechanism; decrypting only signed-then-encrypted portions (and ignoring encrypted-then-signed ones)."

Both drafts are products of the W3C Encryption Working Group.

