OASIS Open Document Format for Office Applications (OpenDocument) TC

 View Only

Re: OFFICE-3940 Add OpenPGP-based XML encryption

  • 1.  Re: OFFICE-3940 Add OpenPGP-based XML encryption

    Posted 12-04-2017 17:24
    Hi Regina, Regina Henschel wrote: > would a structure as sketched in the attached drawing page 2 fit to > your intended additions for OpenPGP? > Not quite, hopefully with the updated schema changes it should become more obvious (happy to edit your UML diagram - do you work directly in Draw, or have it exported from an UML editor)? The key 'derivation' via PGP happens per the KeyInfo element, which encrypts the session key, potentially for multiple recipients. This does not make sense on a per-file-entry level IMO, also the KeyInfo can potentially be quite voluminous (think public keys with lots of signatures, or a large recipient list) - so I put it on the manifest:manifest level. Equally, a number of key-derivation-attlist options don't make sense for PGP transport encryption (since you can pick a large enough random encryption key), so that's the choice section, with options manifest:key-derivation-name="PGP" or anything else falling back to ODF1.2 behaviour. With best regards, Thorsten -- Thorsten Behrens IT-Lead LibreOffice ––– CIB software GmbH Hamburg branch office Flachsland 10 22083 Hamburg Germany ––– T +49 40 28 48 42 -216 F +49 40 28 48 42 -100 Thorsten.Behrens@cib.de www.cib.de ––– Registered office: Munich Registration court Munich, HRB 123286 Managing director: Dipl.-Ing. Ulrich Brandner --- Attachment: signature.asc Description: Digital signature