Eastlake: send to a proposal for a nonce attribute to salt the data being encrypted if that instance's schema permits nonces to be added.
...
Eastlake: I think he's trying to make it easier to denote what should be encrypted -- and make it clear that the DigestMethod and DigestValue apply to the plaintext not the ciphertext.
Reagle: I hope it's clear in the spec that DigestValue is over the plaintext. Otherwise this seems like an application issue to me (how it internally designates which sections to process)? I asked him to explain it a bit more on the list, so we'll roll this forward.
Simon: it's the octet sequence that you would hand off to the encryption sequence. Also, there's the small topic of the "default behaviour" with respect to processing (e.g., replacing) EncryptedData in an instance.
Dillaway: we're not to far off on this, can discuss and go through the scenarios at the FTF.
Simon: also in Takeshi's about the difference between octets representing XML and Canonical XML, but we need more discussion on the list to properly understand.
Eastlake: not much yet.