Scott
Gary Ellison noted that using an OOB symmetric key to encrypt the
encryption keys used is likely to be useful in such a case to make the
process efficient.
Right, this fits in with not mandating particular key management
mechanisms.
Super-encryption, which means encrypting content that includes
encrypted content, is not specified in the SAML specifications, but
this does not mean it couldn't occur in a SOAP messaging component of
the system - but the SAML specifications are silent on the topic and I
believe this is appropriate.
Well, it could happen with SAML quite easily such as an encrypted
assertion that contains an EncryptedID or EncryptedAttribute. The
question is, do we need to say anything about it? I'm not sure why
encrypting an element that happens to have stuff from the XMLEnc spec
in it is different from any other element.
I don't think much need be said in this case.
Regards, Frederick
Frederick Hirsch
Nokia