Thanks Donald
I missed the fact that the references were combined.
Please let me know the RFC # and info I need to update the W3C documents as
soon as it is clear.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 7, 2013, at 5:27 PM, ext Donald Eastlake wrote:
Hi Frederick,
On Thu, Feb 7, 2013 at 4:24 PM,
<Frederick(_dot_)Hirsch(_at_)nokia(_dot_)com> wrote:
Don
I've received feedback from XML Security working group members that propose
you change the URIs in the draft RFC for AES Key Wrap with Padding to match
what is in XML Encryption 1.1, both because we are going to Recommendation
and because there is code that currently uses those values.
Can you please make the change, using the xmlenc11 URIs I listed below in
item 1?
Sure, I'll do that.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
On Feb 7, 2013, at 11:04 AM, wrote:
Donald
Some additional comments on draft
http://tools.ietf.org/pdf/draft-eastlake-additional-xmlsec-uris-08.pdf
sorry about the delay getting these comments to you.
(1) We have defined different *informative* URIs for AES Key Wrap with
Padding in XML Encryption 1.1
[http://www.w3.org/TR/xmlenc-core1/#sec-kw-aes-with-pad] which are
different from those in the RFC, namely
http://www.w3.org/2009/xmlenc11#kw-aes-128-pad
http://www.w3.org/2009/xmlenc11#kw-aes-192-pad
http://www.w3.org/2009/xmlenc11#kw-aes-256-pad
I suggest we change this informative appendix of XML Encryption 1.1 (and
the Security Algorithms Cross-Reference) to match what is in the RFC draft.
Thomas, is there any problem with that at this PR stage?
Those in the RFC draft are:
http://www.w3.org/2007/05/xmldsig-more#kw-aes128-pad
http://www.w3.org/2007/05/xmldsig-more#kw-aes192-pad
http://www.w3.org/2007/05/xmldsig-more#kw-aes256-pad
As above, I'll change the draft to use the ...//2009/xmlenc11#... URIs.
(2) ConcatKDF fragment needs fixing in 4.1 and change log Appendix A due to
a typo
"2009/xmlenc11#ConctKDF [XMLENC]" should be "2009/xmlenc11#ConcatKDF
[XMLENC]"
"#ConctKDF," should be "#ConcatKDF,"
OK.
(3) To some degree the fragment index and URI index replicate the published
W3C Note, XML Security Algorithm Cross-Reference and could be incorporated
there.
If you would like to incorporate this information there, that seems
fine. But I'd like to leave it in the draft also.
(4) I suggest an update to the Introduction to mention XML Security 1.1 as
follows
after "All of these standards and recommendations use URIs [RFC3986] to
identify algorithms and keying information types."
add
"The W3C has subsequently produced updated XML Signature 1.1 [XMLDSIG11]
and XML Encryption 1.1 [XMLENC11} versions as well as a new XML Signature
Properties specification [XMLDSIG-PROPERTIES].
OK.
(5) Typo in introduction
"Canoncialization" should be "Canonicalization"
OK.
(6) References
Add references to XML Signature 1.1, XML Encryption 1.1, XML Signature
Properties, XML Security Algorithm Cross-Reference (all to be updated upon
Recommendation publication)
The current draft does have references to XML Signature 1.1 and XML
Encryption 1.1. The RFC Reference format permits multiple document
under a single tag and both 1.0 and 1.1 are included under the
[XMLDSIG] and [XMLENC] tags.
I'll add the other two documents.
Thanks,
Donald
=============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
155 Beaver Street, Milford, MA 01757 USA
d3e3e3(_at_)gmail(_dot_)com
Signature properties has added a namespace: xmlns
dsp="http://www.w3.org/2009/xmldsig-properties"
[XMLDSIG-CORE1]
D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML
Signature Syntax and Processing Version 1.1. 24 January 2013. W3C Proposed
Recommendation. (Work in progress)
URL:http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/
[XMLENC-CORE1]
J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and
Processing Version 1.1. 24 January 2013. W3C Proposed Recommendation. (Work
in progress) URL:http://www.w3.org/TR/2013/PR-xmlenc-core1-20130124/
[XMLDSIG-PROPERTIES]
Frederick Hirsch. XML Signature Properties. 24 January 2013. W3C Proposed
Recommendation. (Work in progress.) URL:
http://www.w3.org/TR/2013/PR-xmldsig-properties-20130124/
[XMLSEC-ALGS] F Hirsch, T Roessler, K Yiu XML Security Algorithm
Cross-Reference, 24 January 2013 W3C Working Group Note
http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130124/
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG