Re: [wss] 2 Nov 04 Minutes V2, with attendance info

["Ramana Turlapati" <ramana.rao.turlapati@oracle.com>]

Here is one more:

 

Specification of MimeType attribute is optional when content as well as headers of the attachment are being encrypted. The phrasing in the current draft of SwA Profile makes it seem that MimeType is required for either transforms (Section 4.4.2, Step 4)

 

Thanks

 

/t$r

(Ramana Turlapati) 

----- Original Message -----

From: Maneesh Sahu

To: Frederick.Hirsch@nokia.com ; wss@lists.oasis-open.org

Sent: Tuesday, November 02, 2004 10:43 AM

Subject: RE: [wss] 2 Nov 04 Minutes V2, with attendance info

> Sent issues list:
>
> http://www.oasis-open.org/archives/wss/200411/msg00004.html <http://www.oasis-open.org/archives/wss/200411/msg00004.html>
>
> Maneesh from Actional noted some issues,

My issue is concerning the Content-Transfer-Encoding in Encryption and Decryption. We currently lose this information in a WSS SwA encryption. The XML Encryption Syntax and processing permits the ‘Encoding’ attribute in an EncryptedType that can store this information. If the attachment’s original CTE was base64, the Encoding attribute may be specified as 'http://www.w3.org/2000/09/xmldsig#base64'. The decryptor may choose to utilize this encoding information to restore the attachment in its original encoding.

I suggest we add this line after 450-451:

Optionally set the <xenc:EncryptedData> Encoding attribute to the attachment MIME part Content-Transfer-Encoding header equivalent before encryption. For example:

     base64: 'http://www.w3.org/2000/09/xmldsig#base64'

--ms