ISSUE-107: deprecate decryption transform?, see what you sign and workflow

deprecate decryption transform?, see what you sign and workflow

State:
CLOSED
Product:
free
Raised by:
Ed Simon
Opened on:
2009-02-24
Description:
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0006.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0007.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0008.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/att-0009/00-part (Pratik)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0011.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0013.html

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0014.html

I struggle to find a scenario where all of the following hold:

1) use of the decryption transform is necessary

2) it provides correct guarantees of authentication, privacy and secure operation in the presence of an adversary

3) it is more appropriate than specifying ordering explicitly with an XProc workflow, a protocol specification or as an implicit part of application logic

Of these, I'm most opinionated that (2) should not be neglected as a necessary condition of any feature proposed for inclusion in the 2.0 specs.

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0015.html

Related Actions Items:
No related actions
Related emails:
  1. Re: Sept 29 Meeting Minutes (from Frederick.Hirsch@nokia.com on 2009-09-29)
  2. issues related to see what sign and decrypt transform (from frederick.hirsch@nokia.com on 2009-02-24)
  3. ISSUE-107: deprecate decryption transform?, see what you sign and workflow [v.next (Design for XML Signature V Next)] (from sysbot+tracker@w3.org on 2009-02-24)

Related notes:

No additional notes.

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 107.html,v 1.1 2017/01/10 16:24:40 carine Exp $