OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [OASIS Issue Tracker] (OFFICE-3940) Add OpenPGP-based XML encryption


    [ https://issues.oasis-open.org/browse/OFFICE-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=70088#comment-70088 ] 

Regina Henschel commented on OFFICE-3940:
-----------------------------------------

It is confusion to have an element {{<manifest:keyinfo>}} and an element {{<manifest:KeyInfo>}}. BTW, notice, that the schema has the different uppercase/lowercase, but not the example.

The proposal has a structure
{code:xml}
<manifest:manifest ...>
    <manifest:keyinfo>
        <manifest:encrypted-key>
...
        </manifest:encrypted-key>
   </manifest:keyinfo>
...
{code}
I do not see, why the element {{<manifest:keyinfo>}} is needed at all. It has no attributes and its only child is {{<manifest:encrypted-key>}}. Wouldn't
{code:xml}
<manifest:manifest ...>
        <manifest:encrypted-key>
...
        </manifest:encrypted-key>
...
{code}
or as schema 
{code:xml}
<rng:define name="manifest">
     <rng:element name="manifest:manifest">
       <rng:ref name="manifest-attlist"/>
+      <rng:optional>
+        <rng:ref name="encrypted-key"/>
+      </rng:optional>
       <rng:oneOrMore>
         <rng:ref name="file-entry"/>
       </rng:oneOrMore>
{code}
do the same, but more simple?

> Add OpenPGP-based XML encryption
> --------------------------------
>
>                 Key: OFFICE-3940
>                 URL: https://issues.oasis-open.org/browse/OFFICE-3940
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: New Feature
>          Components: Packaging
>    Affects Versions: ODF 1.3
>            Reporter: Thorsten Behrens
>            Priority: Major
>             Fix For: ODF 1.3
>
>
> Currently ODF supports password-based encryption, using a user-provided string of characters to encrypt an AES session encryption key.
> That is not ideal in the context of sharing documents securely with wider audiences, since one always needs a secure sidechannel to distribute the passphrase.
> This proposal builds on top of https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ for XML encryption, and essentially extends the ODF manifest markup with a few nodes to denote OpenPGP key material plus transport encryption for the session key



--
This message was sent by Atlassian JIRA
(v7.7.2#77003)


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]