ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Comments on draft-eastlake-additional-xmlsec-uris-08

2013-02-07 11:31:13
from [Frederick.Hirsch] [Permanent Link] 
Donald 

Some additional comments on draft 
http://tools.ietf.org/pdf/draft-eastlake-additional-xmlsec-uris-08.pdf

sorry about the delay getting these comments to you.

(1) We have defined different *informative* URIs for AES Key Wrap with Padding 
in XML Encryption 1.1 [http://www.w3.org/TR/xmlenc-core1/#sec-kw-aes-with-pad] 
which are different from those in the RFC, namely

http://www.w3.org/2009/xmlenc11#kw-aes-128-pad

http://www.w3.org/2009/xmlenc11#kw-aes-192-pad

http://www.w3.org/2009/xmlenc11#kw-aes-256-pad

I suggest we change this informative appendix of XML Encryption 1.1 (and the 
Security Algorithms Cross-Reference) to match what is in the RFC draft. Thomas, 
is there any problem with that at this PR stage?

Those in the RFC draft are:

http://www.w3.org/2007/05/xmldsig-more#kw-aes128-pad 

http://www.w3.org/2007/05/xmldsig-more#kw-aes192-pad 

http://www.w3.org/2007/05/xmldsig-more#kw-aes256-pad

(2) ConcatKDF fragment needs fixing in 4.1 and change log Appendix A due to a 
typo

"2009/xmlenc11#ConctKDF [XMLENC]" should be "2009/xmlenc11#ConcatKDF [XMLENC]"

"#ConctKDF," should be "#ConcatKDF,"

(3) To some degree the fragment index and URI index replicate the published W3C 
Note, XML Security Algorithm Cross-Reference and could be incorporated there.

(4) I suggest an update to the Introduction to mention XML Security 1.1 as 
follows

after "All of these standards and recommendations use URIs [RFC3986] to 
identify algorithms and keying information types."

add

"The W3C has subsequently produced updated  XML Signature 1.1  [XMLDSIG11] and 
XML Encryption 1.1 [XMLENC11} versions as well as a new XML Signature 
Properties specification [XMLDSIG-PROPERTIES].

(5) Typo in introduction

"Canoncialization" should be "Canonicalization"

(6) References

Add references to XML Signature 1.1, XML Encryption 1.1, XML Signature 
Properties, XML Security Algorithm Cross-Reference (all to be updated upon 
Recommendation publication)

Signature properties has added a namespace: xmlns 
dsp="http://www.w3.org/2009/xmldsig-properties";

[XMLDSIG-CORE1]
D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML Signature 
Syntax and Processing Version 1.1. 24 January 2013. W3C Proposed 
Recommendation. (Work in progress) 
URL:http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/

[XMLENC-CORE1]
J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and 
Processing Version 1.1. 24 January 2013. W3C Proposed Recommendation. (Work in 
progress) URL:http://www.w3.org/TR/2013/PR-xmlenc-core1-20130124/

[XMLDSIG-PROPERTIES]
Frederick Hirsch. XML Signature Properties. 24 January 2013. W3C Proposed 
Recommendation. (Work in progress.) URL: 
http://www.w3.org/TR/2013/PR-xmldsig-properties-20130124/

[XMLSEC-ALGS] F Hirsch, T Roessler, K Yiu XML Security Algorithm 
Cross-Reference, 24 January 2013 W3C Working Group Note 
http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130124/


regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Comments on draft-eastlake-additional-xmlsec-uris-08, Frederick.Hirsch <=
Previous by Date:  Re: [mpls] Last Call: <draft-ietf-mpls-tp-security-framework-07.txt> (MPLS-TP Security Framework) to Informational RFC, Luyuan Fang (lufang)
Next by Date:  Re: Remote Participation Services, Simon Pietro Romano
Previous by Thread:  Gen-ART review of draft-ietf-pwe3-mpls-eth-oam-iwk-07, Black, David
Next by Thread:  Weekly posting summary for ietf(_at_)ietf(_dot_)org, Thomas Narten
Indexes:  [Date] [Thread] [Top] [All Lists]