Re: IMPORANT: Comments on draft-eastlake-additional-xmlsec-uris-08

Thanks Donald

I missed the fact that the references were combined.

Please let me know the RFC # and info I need to update the W3C documents as 
soon as it is clear.

regards, Frederick

Frederick Hirsch
Nokia



On Feb 7, 2013, at 5:27 PM, ext Donald Eastlake wrote:

> Hi Frederick,
>
> On Thu, Feb 7, 2013 at 4:24 PM,  
> <Frederick(_dot_)Hirsch(_at_)nokia(_dot_)com> wrote:
> > Don
> >
> > I've received feedback from XML Security working group members that propose 
> > you change the URIs in the draft RFC for AES Key Wrap with Padding to match 
> > what is in XML Encryption 1.1, both because we are going to Recommendation 
> > and because there is code that currently uses those values.
> >
> > Can you please make the change, using the xmlenc11 URIs I listed below in 
> > item 1?
> Sure, I'll do that.
>
> > Thanks
> > regards, Frederick
> >
> > Frederick Hirsch
> > Nokia
> >
> >
> > On Feb 7, 2013, at 11:04 AM,  wrote:
> >
> > > Donald
> > >
> > > Some additional comments on draft 
> > > http://tools.ietf.org/pdf/draft-eastlake-additional-xmlsec-uris-08.pdf
> > >
> > > sorry about the delay getting these comments to you.
> > >
> > > (1) We have defined different *informative* URIs for AES Key Wrap with 
> > > Padding in XML Encryption 1.1 
> > > [http://www.w3.org/TR/xmlenc-core1/#sec-kw-aes-with-pad] which are 
> > > different from those in the RFC, namely
> > >
> > > http://www.w3.org/2009/xmlenc11#kw-aes-128-pad
> > > http://www.w3.org/2009/xmlenc11#kw-aes-192-pad
> > > http://www.w3.org/2009/xmlenc11#kw-aes-256-pad
> > >
> > > I suggest we change this informative appendix of XML Encryption 1.1 (and 
> > > the Security Algorithms Cross-Reference) to match what is in the RFC draft. 
> > > Thomas, is there any problem with that at this PR stage?
> > >
> > > Those in the RFC draft are:
> > >
> > > http://www.w3.org/2007/05/xmldsig-more#kw-aes128-pad
> > > http://www.w3.org/2007/05/xmldsig-more#kw-aes192-pad
> > > http://www.w3.org/2007/05/xmldsig-more#kw-aes256-pad
> As above, I'll change the draft to use the ...//2009/xmlenc11#... URIs.
>
> > > (2) ConcatKDF fragment needs fixing in 4.1 and change log Appendix A due to 
> > > a typo
> > >
> > > "2009/xmlenc11#ConctKDF [XMLENC]" should be "2009/xmlenc11#ConcatKDF 
> > > [XMLENC]"
> > >
> > > "#ConctKDF," should be "#ConcatKDF,"
> OK.
>
> > > (3) To some degree the fragment index and URI index replicate the published 
> > > W3C Note, XML Security Algorithm Cross-Reference and could be incorporated 
> > > there.
> If you would like to incorporate this information there, that seems
> fine. But I'd like to leave it in the draft also.
>
> > > (4) I suggest an update to the Introduction to mention XML Security 1.1 as 
> > > follows
> > >
> > > after "All of these standards and recommendations use URIs [RFC3986] to 
> > > identify algorithms and keying information types."
> > >
> > > add
> > >
> > > "The W3C has subsequently produced updated  XML Signature 1.1  [XMLDSIG11] 
> > > and XML Encryption 1.1 [XMLENC11} versions as well as a new XML Signature 
> > > Properties specification [XMLDSIG-PROPERTIES].
> OK.
>
> > > (5) Typo in introduction
> > >
> > > "Canoncialization" should be "Canonicalization"
> OK.
>
> > > (6) References
> > >
> > > Add references to XML Signature 1.1, XML Encryption 1.1, XML Signature 
> > > Properties, XML Security Algorithm Cross-Reference (all to be updated upon 
> > > Recommendation publication)
> The current draft does have references to XML Signature 1.1 and XML
> Encryption 1.1. The RFC Reference format permits multiple document
> under a single tag and both 1.0 and 1.1 are included under the
> [XMLDSIG] and [XMLENC] tags.
>
> I'll add the other two documents.
>
> Thanks,
> Donald
> =============================
> Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
> 155 Beaver Street, Milford, MA 01757 USA
> d3e3e3(_at_)gmail(_dot_)com
>
> > > Signature properties has added a namespace: xmlns 
> > > dsp="http://www.w3.org/2009/xmldsig-properties";
> > >
> > > [XMLDSIG-CORE1]
> > > D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML 
> > > Signature Syntax and Processing Version 1.1. 24 January 2013. W3C Proposed 
> > > Recommendation. (Work in progress) 
> > > URL:http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/
> > >
> > > [XMLENC-CORE1]
> > > J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and 
> > > Processing Version 1.1. 24 January 2013. W3C Proposed Recommendation. (Work 
> > > in progress) URL:http://www.w3.org/TR/2013/PR-xmlenc-core1-20130124/
> > >
> > > [XMLDSIG-PROPERTIES]
> > > Frederick Hirsch. XML Signature Properties. 24 January 2013. W3C Proposed 
> > > Recommendation. (Work in progress.) URL: 
> > > http://www.w3.org/TR/2013/PR-xmldsig-properties-20130124/
> > >
> > > [XMLSEC-ALGS] F Hirsch, T Roessler, K Yiu XML Security Algorithm 
> > > Cross-Reference, 24 January 2013 W3C Working Group Note 
> > > http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130124/
> > >
> > >
> > > regards, Frederick
> > >
> > > Frederick Hirsch, Nokia
> > > Chair XML Security WG