...
Simon: I'm the author of the original text mentioning 'reversible transforms'. My main objective was to clarify the contrast between the processing of transforms when signing&verifying compared to when encrypting&decrypting. Don has suggested the spec just needs to cover transforms from the decrypting point of view which is fine with me; the implementation gotchas I was discussing can be covered in other non-normative material.
(Takeshi): Canonicalization: not reversible really.
Simon: While not symmetrically reversible from a character by character view, if the canonicalized version is adequate for the application's purposes, all's well. A transform only needs to be reversible to the extent you can get back the stuff you care about. Since one would not use canonicalization if it was important to get back the lost info, there is no issue with the use of canonicalization in transforms.
Reagle: example seems to be causing confusion by specifying canonicalization and compression, can we use different transforms other than base64?
Dillaway: another example, use an XPath.
There needs to be salt in the plaintext version of the data.
Eastlake: define a nonce with a salt.
Reagle: could we have the encryption algorithm clean up and remove nonces?
Schaad: then what if you signed it, when do you remove it?
Schaad: I'd rather see an encryption algorithm, 3DES plus this plus in the DigestValue.
Reagle: Herzberg wanted some "morphable" functionality, Ashwood didn't like the combinatorial explosion.
Action Reagle: propose a poll on the two.
Action Schaad: look at Amir's original proposal and engage him on the list.
Needs more time on the list.
Where a symmetric key is shared amongst multiple recipients, its encapsulating EncryptedKey should not reference or be referenced by other data not intended for all of those multiple recipients. (Kind of complex...?)
Action Reagle: rewrite Section 6.2 and deprecate option 1
Agreement: put them back in.
Eastlake: now in there just to show how it can be done since there is interest.
Reagle: Keep provisionally and ask for implementations.
Eastlake: clarified the text that the IV doesn't have to be present, or can occur somewhere else than that specified.
Action Schaad: additionally, add a sentence explaining why we placed it as specified.
Misc.