add support for XML Encryption

[djhaynes]

Previously, I have submitted a formal request for inclusion of the XML
Encryption Standard(XMLENC) into OVAL. I think there is a great amount
of overlap between XMLENC and MIL-STD-1840C.

I am not sure as to the status of this RFE. However, it should easily
integrate with OVAL as much of the algorithms coincide with those
already required and recommended by the XML Digital Signature Standard.
Which of course is already implemented and included within the OVAL
Schemas.

Thomas,

Do you think that OVAL needs to change to accommodate XMLENC? As you mentioned
we have explicitly included areas of support for XMLDSig in OVAL. This was done
to allow for capabilities that we felt we could not achieve otherwise. Are
there similar capabilities that we would gain from by incorporating support for
XMLENC into the OVAL Schemas? Or is it adequate to simply allow people to
encrypt OVAL content as they see fit? What would you suggest that we change to
support XMLENC?

I of course curious to know if others would like to see OVAL support XMLENC,
and what specifically is needed.

[djhaynes]

Also see:

http://making-security-measurable.1364806.n2.nabble.com/Comments-on-OVAL-5-7-tp4784920p4933167.html

[djhaynes]

As of this time there has been little support for adding in XML Encryption in
version 5.8. For this reason we are going to defer this request to a later
release.

[djhaynes]

As of this time there has been little support for adding in XML Encryption in
version 5.10. For this reason we are going to defer this request to a later
release.