Donald
Some additional comments on draft
http://tools.ietf.org/pdf/draft-eastlake-additional-xmlsec-uris-08.pdf
sorry about the delay getting these comments to you.
(1) We have defined different *informative* URIs for AES Key Wrap with Padding
in XML Encryption 1.1 [http://www.w3.org/TR/xmlenc-core1/#sec-kw-aes-with-pad]
which are different from those in the RFC, namely
http://www.w3.org/2009/xmlenc11#kw-aes-128-pad
http://www.w3.org/2009/xmlenc11#kw-aes-192-pad
http://www.w3.org/2009/xmlenc11#kw-aes-256-pad
I suggest we change this informative appendix of XML Encryption 1.1 (and the
Security Algorithms Cross-Reference) to match what is in the RFC draft. Thomas,
is there any problem with that at this PR stage?
Those in the RFC draft are:
http://www.w3.org/2007/05/xmldsig-more#kw-aes128-pad
http://www.w3.org/2007/05/xmldsig-more#kw-aes192-pad
http://www.w3.org/2007/05/xmldsig-more#kw-aes256-pad
(2) ConcatKDF fragment needs fixing in 4.1 and change log Appendix A due to a
typo
"2009/xmlenc11#ConctKDF [XMLENC]" should be "2009/xmlenc11#ConcatKDF [XMLENC]"
"#ConctKDF," should be "#ConcatKDF,"
(3) To some degree the fragment index and URI index replicate the published W3C
Note, XML Security Algorithm Cross-Reference and could be incorporated there.
(4) I suggest an update to the Introduction to mention XML Security 1.1 as
follows
after "All of these standards and recommendations use URIs [RFC3986] to
identify algorithms and keying information types."
add
"The W3C has subsequently produced updated XML Signature 1.1 [XMLDSIG11] and
XML Encryption 1.1 [XMLENC11} versions as well as a new XML Signature
Properties specification [XMLDSIG-PROPERTIES].
(5) Typo in introduction
"Canoncialization" should be "Canonicalization"
(6) References
Add references to XML Signature 1.1, XML Encryption 1.1, XML Signature
Properties, XML Security Algorithm Cross-Reference (all to be updated upon
Recommendation publication)
Signature properties has added a namespace: xmlns
dsp="http://www.w3.org/2009/xmldsig-properties"
[XMLDSIG-CORE1]
D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML Signature
Syntax and Processing Version 1.1. 24 January 2013. W3C Proposed
Recommendation. (Work in progress)
URL:http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/
[XMLENC-CORE1]
J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and
Processing Version 1.1. 24 January 2013. W3C Proposed Recommendation. (Work in
progress) URL:http://www.w3.org/TR/2013/PR-xmlenc-core1-20130124/
[XMLDSIG-PROPERTIES]
Frederick Hirsch. XML Signature Properties. 24 January 2013. W3C Proposed
Recommendation. (Work in progress.) URL:
http://www.w3.org/TR/2013/PR-xmldsig-properties-20130124/
[XMLSEC-ALGS] F Hirsch, T Roessler, K Yiu XML Security Algorithm
Cross-Reference, 24 January 2013 W3C Working Group Note
http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130124/
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG