- From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
- Date: Thu, 23 Apr 2009 08:25:57 -0400
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>
fyi

regards, Frederick

Frederick Hirsch
Nokia

Begin forwarded message:

> From: "ext Priestley, Mark, VF-Group" <Mark.Priestley@vodafone.com>
> Date: April 23, 2009 3:31:43 AM EDT
> To: "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>, Web Applications Working Group WG <public-webapps@w3.org>
> Cc: "Babbage, Steve, VF-Group" <Steve.Babbage@vodafone.com>
> Subject: RE: [widget-digsig] Pls review: Additional considerations on elliptic curve algorithms to consider
>
> Hi Frederick, All,
>
> Vodafone supports the move to support ECDSA in XML Signature 1.1 [2] and welcomes the new clarifying text. Vodafone will not object to ECDSAwithSHA256 being specified as mandatory [2]; however, we would like to propose that it is a recommended algorithm in Widgets 1.0: Digital Signatures [5] (e.g. a SHOULD).
>
> Regards,
>
> Mark
>
>
> -----Original Message-----
> From: public-webapps-request@w3.org [mailto:public-webapps-request@w3.org] On Behalf Of Frederick Hirsch
> Sent: 08 April 2009 11:30
> To: Web Applications Working Group WG
> Cc: Frederick Hirsch
> Subject: [widget-digsig] Pls review: Additional considerations on elliptic curve algorithms to consider
>
> The XML Security WG would like to refine the question about the suitability of elliptic curve as a mandatory to implement algorithm for XML Signature 1.1 by highlighting that the scope of elliptic curve is greatly limited in what is proposed to be mandatory in XML Signature 1.1.
>
> As T-Mobile pointed out previously in their comments [1], the specific curve being used in an instance of ECDSA is important and there are a few sets of well-known ("named") curves that have been standardized. The P-256, P-384 and P-521 curves are three of the five NIST-defined prime curves.
>
> Since the publication of the First Public Working Draft of XML Signature 1.1, the following clarifying text was added by the XML Security WG to the end of section 6.4.3 of XML Signature 1.1 [2]:
>
> "This specification REQUIRES implementations to support the ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256 prime curve specified in Section D.2.3 of FIPS 186-3 [FIPS186-3] (and using the SHA-256 hash algorithm). It is further RECOMMENDED that implementations also support ECDSA over the P-384 and P-521 prime curves; these curves are defined in Sections D.2.4 and D.2.5 of FIPS 186-3, respectively."
>
> It is important to realize that reducing the scope of the requirement to a specific curve should simplify evaluation of whether it is desirable to make this mandatory to implement.
>
> The XML Security WG would also like to note the importance of this algorithm to US Government customers, as evidenced by their adoption of Suite B [3]. This is reflected in the XML Security WG Use Cases and Requirements document in section 3.5.2.3 [4].
>
> These considerations can also apply to the decision of which algorithms should be required in Widget Signature.
>
> Please share this additional information in your organization and indicate if it would cause any change in position regarding the mandatory to implement algorithms.
>
> Thank you
>
> regards, Frederick
>
> Frederick Hirsch, Nokia
> Chair XML Security WG
>
>
> [1] http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0842.html
>
> [2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-SignatureAlg
>
> [3] Fact Sheet NSA Suite B Cryptography, http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
>
> [4] http://www.w3.org/TR/2009/WD-xmlsec-reqs-20090226/#algorithm-suiteb
>
> [5] http://dev.w3.org/2006/waf/widgets-digsig/
Received on Thursday, 23 April 2009 12:27:17 UTC
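As an added example (not code from the XML Security WG, Vodafone, or either specification), the curve scope in the quoted section 6.4.3 text expressed as a Go signer/verifier: ECDSA keys are accepted only on the named curves P-256 (required) and P-384/P-521 (recommended), any other curve fails closed, and a message is signed and verified with ECDSAwithSHA256 using the standard library. The conformance labels, the fail-closed choice for unlisted curves, and the sample message are this example's own assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Named curves from the quoted XML Signature 1.1 section 6.4.3 text and their
// conformance level (labels are this example's own); any other curve is rejected.
var CurveStatus = map[string]string{
	"P-256": "REQUIRED",    // ECDSAwithSHA256, FIPS 186-3 D.2.3
	"P-384": "RECOMMENDED", // FIPS 186-3 D.2.4
	"P-521": "RECOMMENDED", // FIPS 186-3 D.2.5
}

// CheckCurve returns the key's conformance level or an error for an unlisted curve.
func CheckCurve(pub *ecdsa.PublicKey) (string, error) {
	name := pub.Curve.Params().Name
	if status, ok := CurveStatus[name]; ok {
		return status, nil
	}
	return "", fmt.Errorf("curve %q is not among the curves XML Signature 1.1 requires or recommends", name)
}

// SignSHA256 produces a DER-encoded ECDSAwithSHA256 signature after checking the curve.
func SignSHA256(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	if _, err := CheckCurve(&priv.PublicKey); err != nil {
		return nil, err
	}
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// VerifySHA256 fails closed on an unlisted curve, then verifies the signature.
func VerifySHA256(pub *ecdsa.PublicKey, msg, sig []byte) (bool, error) {
	if _, err := CheckCurve(pub); err != nil {
		return false, err
	}
	digest := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, digest[:], sig), nil
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	msg := []byte("<SignedInfo>widget digsig example</SignedInfo>") // constructed input
	sig, _ := SignSHA256(priv, msg)
	fmt.Println(VerifySHA256(&priv.PublicKey, msg, sig))
}
```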