W3C home > Mailing lists > Public > public-xmlsec-maintwg@w3.org > March 2008

Re: Please review: proposed FIPS reference changes for XML Signature, Second Edition

From: Sean Mullan <Sean.Mullan@Sun.COM>
Date: Tue, 18 Mar 2008 14:23:26 -0400
To: XMLSec XMLSec <public-xmlsec-maintwg@w3.org>
Message-id: <47E0089E.3000002@sun.com>

These changes are acceptable for Sun's implementation.

--Sean

Frederick Hirsch wrote:
> 
> We have two issues related to the FIPS references in the XML Signature 
> draft
> 
> 1. We reference FIPS 186-2 for DSS, with a URI that doesn't exist any more:
> 
>   http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#ref-DSS
> 
> Proposal is to update that link from:
> 
>   http://csrc.nist.gov/publications/fips/fips186-2/fips186-2.pdf
> 
> to:
> 
>   http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf
> 
> The change notice section notes a restriction related to  the DSA 
> modulus, and also changes related to random number generation.
> 
> It is important that participants in the XML Signature, Second Edition 
> WG indicate whether changing this reference is an issue (or not) for 
> their implementations. Please send a message to the members list noting 
> whether the reference change is acceptable or not.
> 
> 2. We reference FIPS 180-1 for SHA-1:
> 
>   http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#ref-SHA-1
> 
> (FIPS 180-1 is also linked from section 6.2.1.)
> 
> The links we are using for 180-1 are no longer working, and FIPS 180-1 
> has been superseded by FIPS 180-2 (with a change notice).
> 
> The proposal is to change the normative reference for SHA-1 to FIPS 180-2.
> 
>   
> http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf 
> 
> 
> The change here seems to be to add additional hash algorithms which 
> would not impact XML Signature, Second Edition.
> 
> (It appears as though a FIPS 180-3 is scheduled for publication some 
> time soon, which would in turn supersede 180-2.
> http://csrc.nist.gov/publications/drafts/fips_180-3/draft_fips-180-3_June-08-2007.pdf 
> )
> 
> Please review these proposed changes  and post any suggestion or 
> concern  on the public list (or for product/implementation acceptability 
> or issues  on the members list). We would like to resolve this issue on 
> the mailing lists this week if possible.
> 
> Thanks
> 
> regards, Frederick
> 
> Frederick Hirsch, Nokia
> Chair XML Security Specifications Maintenance WG
> 
> 
> 
Received on Tuesday, 18 March 2008 18:24:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 18 March 2008 18:24:19 GMT