Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 6509 invoked from network); 4 Apr 2006 09:42:20 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 4 Apr 2006 09:42:19 -0000 Received: (qmail 10656 invoked by uid 500); 4 Apr 2006 09:42:18 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 10520 invoked by uid 500); 4 Apr 2006 09:42:18 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: security-dev@xml.apache.org List-Id: Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 10504 invoked by uid 99); 4 Apr 2006 09:42:18 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Apr 2006 02:42:18 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [83.206.112.231] (HELO outbound3.z-ancy-11.fr.sopragroup.com) (83.206.112.231) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Apr 2006 02:42:17 -0700 Received: by outbound3.z-ancy-11.fr.sopragroup.com (8.13.6/8.13.6/outbound-A02) with ESMTP id k349ft1S003116 for ; Tue, 4 Apr 2006 11:41:56 +0200 x-mimeole: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: xml encryption/decryption of binary data Date: Tue, 4 Apr 2006 11:41:57 +0200 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: xml encryption/decryption of binary data Thread-Index: AcZXybSIMuoE2TTyRB2K7T8PnSP2BwAAcx3A From: "Larchier Christophe" To: X-OriginalArrivalTime: 04 Apr 2006 09:41:55.0391 (UTC) FILETIME=[0285DCF0:01C657CC] X-Scanned-By: MIMEDefang 2.52 on 83.206.112.231 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N It's XML signature but on binary datas (which are XML files, but it's = not important). With xml-security, it's possible to sign binary datas, why not to = encrypt them ? Don't you think that this functionnality should be added ? -----Message d'origine----- De : Berin Lautenbach [mailto:berin@wingsofhermes.org] Envoy=E9 : mardi 4 avril 2006 11:24 =C0 : security-dev@xml.apache.org Objet : Re: xml encryption/decryption of binary data Larchier Christophe wrote: > I sign with XML Signature. > Note that canonicalization is not allowed. Then it's not truly XML signature. Without canonicalisation you run into the problems that you are seeing. So the only real way past is to treat your document as a byte stream rather than an XML document and sign it inside a set of elements as described earlier. Cheers, Berin