
Subject: [OASIS Issue Tracker] (OFFICE-3940) Add OpenPGP-based XML encryption


    [ https://issues.oasis-open.org/browse/OFFICE-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=68445#comment-68445 ] 

Thorsten Behrens commented on OFFICE-3940:
------------------------------------------

Example manifest.xml:

<?xml version="1.0" encoding="UTF-8"?>
<manifest:manifest xmlns:manifest="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0" manifest:version="1.3">
 <manifest:keyinfo>
  <manifest:encrypted-key>
   <manifest:encryption-method manifest:PGPAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
   <manifest:keyinfo>
    <manifest:PGPData>
     <manifest:PGPKeyID>base64_for_keyID1</manifest:PGPKeyID>
     <manifest:PGPKeyPacket>base64_for_key1</manifest:PGPKeyPacket>
    </manifest:PGPData>
   </manifest:keyinfo>
   <manifest:CipherData>
    <manifest:CipherValue>base64_crypt_1</manifest:CipherValue>
   </manifest:CipherData>
  </manifest:encrypted-key>
  <manifest:encrypted-key>
   <manifest:encryption-method manifest:PGPAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
   <manifest:keyinfo>
    <manifest:PGPData>
     <manifest:PGPKeyID>base64_for_keyID2</manifest:PGPKeyID>
     <manifest:PGPKeyPacket>base64_for_key2</manifest:PGPKeyPacket>
    </manifest:PGPData>
   </manifest:keyinfo>
   <manifest:CipherData>
    <manifest:CipherValue>base64_crypt_2</manifest:CipherValue>
   </manifest:CipherData>
  </manifest:encrypted-key>
  .
  .
  .
 </manifest:keyinfo>
 <manifest:file-entry manifest:full-path="/" manifest:version="1.2" manifest:media-type="application/vnd.oasis.opendocument.text"/>
 <manifest:file-entry manifest:full-path="content.xml" manifest:media-type="text/xml" manifest:size="6316">
  <manifest:encryption-data manifest:checksum-type="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k" manifest:checksum="WN7vgYkjABN7BQmDZwygcZ1vIs1lAP+EZH97pAj0J1Y=">
   <manifest:algorithm manifest:algorithm-name="http://www.w3.org/2001/04/xmlenc#aes256-cbc" manifest:initialisation-vector="ow2jC4koEAkbFpskMd6neQ=="/>
   <manifest:key-derivation manifest:key-derivation-name="PGP"/>
  </manifest:encryption-data>
 </manifest:file-entry>
 <manifest:file-entry manifest:full-path="styles.xml" manifest:media-type="text/xml" manifest:size="12396">
  <manifest:encryption-data manifest:checksum-type="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k" manifest:checksum="w3KftLo5k2aDQr0RcjB4RZVJc/rbSdqZc0S6V3yv7v8=">
   <manifest:algorithm manifest:algorithm-name="http://www.w3.org/2001/04/xmlenc#aes256-cbc" manifest:initialisation-vector="mhha8t2a00tITDTyejOeRQ=="/>
   <manifest:key-derivation manifest:key-derivation-name="PGP"/>
  </manifest:encryption-data>
 </manifest:file-entry>
 .
 .
 .
</manifest:manifest>


> Add OpenPGP-based XML encryption
> --------------------------------
>
>                 Key: OFFICE-3940
>                 URL: https://issues.oasis-open.org/browse/OFFICE-3940
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: New Feature
>          Components: Packaging
>    Affects Versions: ODF 1.3
>            Reporter: Thorsten Behrens
>             Fix For: ODF 1.3
>
>
> Currently ODF supports password-based encryption, using a user-provided string of characters to encrypt an AES session encryption key.
> That is not ideal in the context of sharing documents securely with wider audiences, since one always needs a secure sidechannel to distribute the passphrase.
> This proposal builds on top of https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ for XML encryption, and essentially extends the ODF manifest markup with a few nodes to denote OpenPGP key material plus transport encryption for the session key.



--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
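
A consumer-side consistency check for the manifest layout shown in the comment above, as an added example (not code from the proposal or from any ODF implementation). The sample manifest, its key ID and its cipher value are constructed, and the function names are hypothetical; the 16-byte IV rule follows from the AES block size.

```python
import base64
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"
M = "{" + NS + "}"
AES256_CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
# Constructed sample in the proposed layout; key ID and cipher value are placeholders.
SAMPLE = f"""<manifest:manifest xmlns:manifest="{NS}" manifest:version="1.3">
 <manifest:keyinfo>
  <manifest:encrypted-key>
   <manifest:encryption-method manifest:PGPAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
   <manifest:keyinfo><manifest:PGPData><manifest:PGPKeyID>AAECAwQFBgc=</manifest:PGPKeyID></manifest:PGPData></manifest:keyinfo>
   <manifest:CipherData><manifest:CipherValue>Y29uc3RydWN0ZWQ=</manifest:CipherValue></manifest:CipherData>
  </manifest:encrypted-key>
 </manifest:keyinfo>
 <manifest:file-entry manifest:full-path="content.xml">
  <manifest:encryption-data>
   <manifest:algorithm manifest:algorithm-name="{AES256_CBC}" manifest:initialisation-vector="ow2jC4koEAkbFpskMd6neQ=="/>
   <manifest:key-derivation manifest:key-derivation-name="PGP"/>
  </manifest:encryption-data>
 </manifest:file-entry>
</manifest:manifest>"""

def recipients(root):
    """Return (PGPKeyID, key-wrap algorithm) for each top-level encrypted-key."""
    out = []
    for ek in root.findall(f"{M}keyinfo/{M}encrypted-key"):
        method = ek.find(f"{M}encryption-method")
        wrap = method.get(f"{M}PGPAlgorithm") if method is not None else None
        out.append((ek.findtext(f"{M}keyinfo/{M}PGPData/{M}PGPKeyID"), wrap))
    return out

def check_manifest(xml_text):
    """Return a list of problems found in file entries that use PGP key derivation."""
    root = ET.fromstring(xml_text)
    problems, have_keys = [], bool(recipients(root))
    for fe in root.findall(f"{M}file-entry"):
        path, enc = fe.get(f"{M}full-path"), fe.find(f"{M}encryption-data")
        kd = enc.find(f"{M}key-derivation") if enc is not None else None
        if kd is None or kd.get(f"{M}key-derivation-name") != "PGP":
            continue  # entry is unencrypted or uses another key derivation
        if not have_keys:
            problems.append(f"{path}: PGP key derivation but no encrypted-key")
        alg = enc.find(f"{M}algorithm")
        if alg is not None and alg.get(f"{M}algorithm-name") == AES256_CBC:
            iv = base64.b64decode(alg.get(f"{M}initialisation-vector", ""))
            if len(iv) != 16:  # AES block size, so the CBC IV must be 16 bytes
                problems.append(f"{path}: IV is {len(iv)} bytes, AES-CBC needs 16")
    return problems
```

Python's `xml.etree` is not hardened against maliciously constructed XML, so a hardened parser is the better choice when the package comes from an untrusted source.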