
Re: ISSUE-157 on Signature 1.1 Section 4.10, proposal, proposal, please review

From: Thomas Roessler <tlr@w3.org>
Date: Mon, 7 Dec 2009 15:47:36 +0100
Cc: Thomas Roessler <tlr@w3.org>, XMLSec WG Public List <public-xmlsec@w3.org>
Message-Id: <0A631A7F-CC1E-4C22-99A0-65FE3A5F4693@w3.org>
To: Frederick Hirsch <frederick.hirsch@nokia.com>

How about replacing section 4.10 with a new section "Key Agreement and Derived Keys", roughly like this:

> Use of the MgmtData element is deprecated.
> 
> The <xenc:EncryptedKey> and <xenc:Agreement> elements defined in [ENC11] as children of ds:KeyInfo can be used to convey in-band key agreement information, or encrypted key material.

--
Thomas Roessler, W3C  <tlr@w3.org>

On 5 Dec 2009, at 02:14, Frederick Hirsch wrote:

> new issue, ISSUE-157
> 
> section 4.10 The MgmtData Element
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-MgmtData
> 
> refers to non-existent XML Encryption WG with a place holder.
> 
> [[ The MgmtData element within KeyInfo is a string value used to convey in-band key distribution or agreement data. For example, DH key exchange, RSA key encryption, etc. Use of this element is NOT RECOMMENDED. It provides a syntactic hook where in-band key distribution or agreement data can be placed. However, superior interoperable child elements of KeyInfo for the transmission of encrypted keys and for key agreement are being specified by the W3C XML Encryption Working Group and they should be used instead of MgmtData. ]]
> 
> Maybe it is time we changed this :)
> 
> How about
> 
> [[ The MgmtData element within KeyInfo is a string value used to convey in-band key distribution or agreement data. Use of this element is NOT RECOMMENDED.
> Key Transport algorithms conveyed as part of the ds:KeyInfo/xenc:EncryptedKey element, as defined in the XML Encryption 1.1 section on Key Transport, are to be used instead. ]]
> 
> Can we deprecate the element in this 1.1 release? Does the proposal make sense or did I misinterpret this?
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia

Received on Monday, 7 December 2009 14:47:40 GMT
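
An added example, not part of the original messages or of the specification text: one way to audit signed documents for the element this thread proposes to deprecate. It lists, for each `ds:KeyInfo`, whether it still carries `ds:MgmtData` or uses the XML Encryption children instead. The sample document, its `Id` values and the helper names are constructed for illustration; `AgreementMethod` is the key agreement element name in the XML Encryption schema.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XENC = "http://www.w3.org/2001/04/xmlenc#"
DEPRECATED = {f"{{{DS}}}MgmtData"}
PREFERRED = {f"{{{XENC}}}EncryptedKey", f"{{{XENC}}}AgreementMethod"}

# Constructed sample: one legacy KeyInfo and one using xenc:EncryptedKey.
SAMPLE = f"""<Envelope xmlns:ds="{DS}" xmlns:xenc="{XENC}">
  <ds:KeyInfo Id="ki-legacy">
    <ds:MgmtData>constructed-key-agreement-blob</ds:MgmtData>
  </ds:KeyInfo>
  <ds:KeyInfo Id="ki-current">
    <xenc:EncryptedKey>
      <xenc:EncryptionMethod Algorithm="{XENC}rsa-oaep-mgf1p"/>
      <xenc:CipherData><xenc:CipherValue>Q09OU1RSVUNURUQ=</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedKey>
  </ds:KeyInfo>
</Envelope>"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def audit_keyinfo(xml_text):
    """Return one finding per ds:KeyInfo, looking at direct children only."""
    # The inline sample is trusted; use a hardened parser for untrusted input.
    root = ET.fromstring(xml_text)
    findings = []
    for key_info in root.iter(f"{{{DS}}}KeyInfo"):
        tags = [child.tag for child in key_info]
        findings.append({
            "id": key_info.get("Id"),
            "deprecated": sorted(local(t) for t in tags if t in DEPRECATED),
            "preferred": sorted(local(t) for t in tags if t in PREFERRED),
        })
    return findings


def keyinfo_needing_migration(findings):
    """Ids of the KeyInfo elements that still rely on MgmtData."""
    return [f["id"] for f in findings if f["deprecated"]]


if __name__ == "__main__":
    for finding in audit_keyinfo(SAMPLE):
        print(finding)
```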
