W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

Re: comments on algorithms draft

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 11 Feb 2009 01:14:01 +0100
To: Frederick Hirsch <frederick.hirsch@nokia.com>
Message-Id: <75A174F6-3B60-4474-87B8-327342AF90E7@w3.org>
Cc: XMLSec WG Public List <public-xmlsec@w3.org>

(Going through your points one by one...)


> Comments on algorithms draft [1]. I propose we make these changes  
> before First Public Working Draft.
>
> (1) 1st  paragraph in section 3
> Replace "(again, and octet-stream)" with "(an octet stream that is  
> base64 encoded as noted in Section 4.2 of XML SIgnature)"

done

> (2) Section 3.2
> Replace "various variants" with "variants"

done

> (3) Section 3.2, RSA-SHA256
> remove references to dsig and 2nd edition, not applicable in this case

Actually, this one should have a forward reference to XML Signature  
1.1, in particular if we publish this draft along with an FPWD of XML  
Signature 1.1.  Same holds for ECDSA-SHA256.

> (4) Section 3.2 RSA-SHA384, RSA-SHA512
>
> For each, add note:
> "This algorithm is under consideration as an optional to implement  
> algorithm for a future version of XML Signature."

As noted before, I'd rather not.

> (7) section 3.3 ECDSAwithSHA384
>
> replace second ECDSAwithSHA384 with ECDSAwithSHA512

done

>
> (8) section 3.3 ECDSA-SHA1, ECDSAwithSHA384, ECDSAwithSHA512
>
> for each, add note:
> "This algorithm is under consideration as an optional to implement  
> algorithm for a future version of XML Signature."

prefer not

> (9) Section 3.4 HMAC-SHA256
>
> Add
> "This algorithm is under consideration as a recommended to implement  
> algorithm for a future version of XML Signature."

done, with reference to XML Signature 1.1

> (9) Section 3.4 HMAC-SHA384, HMAC-SHA512
>
> For each, add
> "This algorithm is under consideration as an optional to implement  
> algorithm for a future version of XML Signature.

rather not

> (12)  Section 4.2 SHA-256
>
> Remove xml signature and 2nd edition references.

Replaced with 1.1 reference instead.

> (13) Section 4.2 SHA-384, SHA-512
>
> For each, add
> "This algorithm is under consideration as an optional to implement
> algorithm for a future version of XML Signature."

prefer not

> (14) 4.3 RIPEMD-160

> Add note:
> "This algorithm is listed as optional to implement in XML Encryption  
> in section 5.7.4.
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RIPEMD-160
> "

Prefer not.

> (15) 5.1 Triple DES (CBC mode)
> add section and specific link for section:
>
> Section 5.2.1
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-tripledes-cbc
>
> (16) 5.1 AES-128 (CBC mode)
> add section and specific link for section:
>
> Section 5.2.2
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES
>
> (17) 5.1 AES-192 (CBC mode)
> add section and specific link for section:
>
> Section 5.2.2
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES

All done.

> Add note
> This algorithm is optional to implement in [XMLENC].

Prefer not.

> (18) 5.1 AES-256 (CBC mode)
> add section and specific link for section:
>
> Section 5.2.2
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES

done

> Add note
> This algorithm is optional to implement in [XMLENC].

prefer not

>
> (19) Section 6, RSA-v1.5
> add section and specific link for section:
>
> Section 5.4.1
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RSA-1_5
>
> (20) Section 6, RSA-OAEP
> add section and specific link for section:
>
> Section 5.4.2
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RSA- 
> OAEP

done

> Add note
> This algorithm is optional to implement in [XMLENC].

prefer not

> (21) Section 7, Diffie Hellman
> add section and specific link for section:
>
> Section 5.5.1
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-DHKeyValue

done


>
> (22) Section 8, CMS Triple-DES Key Wrap
> add section and specific link for section:
>
> Section 5.6.2
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-tripledes
>
> (23) Section 8, AES Key Wrap 128
> add section and specific link for section:
>
> Section 5.6.3
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes
>
> (24) Section 8, AES Key Wrap 192
> add section and specific link for section:
>
> Section 5.6.3
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes

done

> Add note
> This algorithm is optional to implement in [XMLENC].

prefer not.

>
>
> (25) Section 8, ES Key Wrap 256
> add section and specific link for section:
>
> Section 5.6.3
> link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes

done


Additionally, the note was missing ECDH from Encryption 1.1.
Received on Wednesday, 11 February 2009 00:14:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT