[Standards-JIG] Re: The Great Encryption Debate
ian.paterson at clientside.co.uk
Tue Aug 9 11:04:45 UTC 2005
> > The proposal is only to remove white-space *between elements*.
> Which elements? e.g. with XHTML:
> <b>one</b> <i>two</i>
I agree there would be issues if the proposal covered elements where XML
(like XHTML) is inserted into XMPP.
> > the only XML being canonicalized is the content of a
> > data form and the content of an <encrypted/> element.
> it pays to be specific when talking about protocols.
You're right that wasn't clear enough. I'll try to explain better.
With JEP-0116 the encrypted data is MACed, not the plain XML. So only a
very limited number of XML elements need to be MACed or signed.
JEP-0116 only requires the whitespace to be removed *between the
elements* before signing (or verifying or MACing) in the following two
More information about the Standards