W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2008

Re: ISSUE-48 (DerivedKeyType): No support for derived keys in XML Dsig, XML Enc [Rqmts (XML Signature and Canonicalization V Next Requirements)]

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Thu, 28 Aug 2008 10:37:59 -0400
Message-Id: <8DB00ABB-9DDC-48DC-B65B-452E4E5E0CA9@nokia.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, XML Security Working Group Issue Tracker <sysbot+tracker@w3.org>, public-xmlsec@w3.org
To: "ext Thomas Roessler" <tlr@w3.org>

+1

regards, Frederick

Frederick Hirsch
Nokia



On Aug 28, 2008, at 10:05 AM, ext Thomas Roessler wrote:

>
> On 2008-08-28 12:09:47 +0000, XML Security Working Group Issue  
> Tracker wrote:
>
>> Neither XML DSig or XML Enc supports the concept of derived keys.
>>
>> There are several cases when this lack of support is an issue. For
>> example, when encryption or message authentication is based on
>> passwords. Another example is when a master key is all that is shared
>> between communicating parties and avoidance of using this master key
>> for direct protection is desired.
>>
>> A separate email will provide an analysis of the use of derived
>> keys in some existing WS * specifications, and compare the
>> functionality in those specification with an alternative, based
>> on a set of requirements.
>
> On an editorial note, it strikes me that it might be useful to have
> a section on algorithm and keying requirements in the requirements
> and design document, encompassing both Encryption and Signature.
>
> -- 
> Thomas Roessler, W3C  <tlr@w3.org>
>
Received on Thursday, 28 August 2008 14:39:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT