FW: Comment requested on removing DTD definitions from XML Signature 1.1 and on elliptic curve

FYI.  

If anyone feels there are any concerns here for the
XML Core WG, please say so.

paul

-----Original Message-----
From: w3c-xml-cg-request@w3.org [mailto:w3c-xml-cg-request@w3.org] On
Behalf Of Frederick Hirsch
Sent: Friday, 2009 April 24 15:24
To: w3c-xml-cg@w3.org
Cc: Frederick Hirsch
Subject: Comment requested on removing DTD definitions from XML
Signature 1.1 and on elliptic curve

I've asked about the DTD question on the XML Coordination call before,  
but thought I'd share this formal question in case any chair wishes to  
discuss in their WG to provide feedback to the XML Security WG.

(1) The W3C XML Security working group is considering removing DTD  
definitions from XML Signature 1.1 and XML Encryption 1.1 and only  
providing XML Schema definitions in these specifications [1].

If this is a concern please indicate the concerns and rationale on the  
XML Security WG comment list at public-xmlsec-comments @ w3.org. This  
list is publicly archived at
http://lists.w3.org/Archives/Public/public-xmlsec-comments/

(2) The XML Security WG would also like to refine the question about
the suitability of elliptic curve as a mandatory to implement
algorithm for XML Signature 1.1 by highlighting that the scope of
elliptic curve is greatly limited in what is proposed to be mandatory
in XML Signature 1.1. The specific curve being used in an instance
of ECDSA is important and there are a few sets of well-known
("named") curves that have been standardized. The P-256, P-384 and
P-521 curves are three of the five NIST-defined prime curves.

Since the publication of the First Public Working Draft of XML
Signature 1.1, the following clarifying text was added by the XML
Security WG to the end of section 6.4.3 of XML Signature 1.1 [2]:

"This specification REQUIRES implementations to support the   
ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256  
prime curve specified in Section D.2.3 of FIPS 186-3 [FIPS186-3] (and   
using the SHA-256 hash algorithm). It is further RECOMMENDED that  
implementations also support ECDSA over the P-384 and P-521 prime  
curves; these curves are defined in Sections D.2.4 and D.2.5 of FIPS  
186-3, respectively."

It is important to realize that reducing the scope of the
requirement to a specific curve should simplify evaluation
of whether it is desirable to make this mandatory to implement.

The XML Security WG would also like to note the importance of this
algorithm to US Government customers, as evidenced by their adoption
of Suite B [3]. This is reflected in the XML Security WG Use Cases
and Requirements document in section 3.5.2.3 [4].

If you have feedback on the suitability of the mandatory to implement  
requirement for ECDSAwithSHA256 algorithm, please indicate on the  
public comment list. A similar question applies to ECDH-ES mandatory  
for XML Encryption 1.1.

(3) If you have any comment on any of the documents recently published
by the XML Security WG [1] we would appreciate feedback on the public
comments list.

Thank you

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

[1] http://www.w3.org/2008/xmlsec/wiki/RoadmapandPublicationStatus

[2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm

[3] Fact Sheet NSA Suite B Cryptography,
http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

[4] http://www.w3.org/TR/2009/WD-xmlsec-reqs-20090226/#algorithm-suiteb

Received on Saturday, 25 April 2009 14:39:12 UTC