Re: ACTION-158 (xmlenc) from Frederick Hirsch on 2009-07-07 (public-xmlsec@w3.org from July 2009)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Tue, 7 Jul 2009 09:34:51 -0400
To: ext Peter Saint-Andre <Peter.SaintAndre@webex.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, XMLSec WG Public List <public-xmlsec@w3.org>
Message-Id: <BF805526-BC63-4DB9-89BA-34A0027211DB@nokia.com>

Peter

Thank you for this proposal on XML Encryption references.

I have two suggested changes:

1. move RIPEMD-160 reference to normative section

Section 5.8.5 refers to RIPEMD-160 as key agreement message digest  
method. There is a link to the reference in this section.

2. Move MIME reference to normative section

The optional MimeType reference is defined in terms of mime types, in  
section 3.1, The EncryptedType Element, also with a link to the  
reference.

http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.htm#sec-EncryptedType

3. I agree that HMAC is not directly referenced and think it should  
be, in two places

Section 5.4.2 PBKDF2 change

" It is RECOMMENDED to use HMAC-SHA256 as the PRF algorithm (see [XML- 
DSIG])."

to

" It is RECOMMENDED to use HMAC-SHA256 as the PRF algorithm (see [XML- 
DSIG], [HMAC])."

and

Section 5.8 Message Digest, change

"and in connection with the HMAC message authentication code method as  
described in [XML-DSIG]."
to
"and in connection with the HMAC message authentication code method  
[HMAC] as described in [XML-DSIG]."

regards, Frederick

Frederick Hirsch
Nokia



On Jun 12, 2009, at 5:06 PM, ext Peter Saint-Andre wrote:

> I have reviewed the references in xmlenc-core-11. My suggested  
> modifications
> are contained in the file xmlenc.ref (attached).
>
> Changelog...
>
> 1. Split into Normative and Informational.
>
> 2. Updated RFC 1750 to RFC 4086.
>
> 3. Updated RFC 2396 to RFC 3986.
>
> 4. Updated RFC 2437 to RFC 3447.
>
> Notes...
>
> There is no pointer to [HMAC] in the text, although there is a  
> mention of
> HMAC. I have not adjusted the body of the text to provide the pointer.
>
> There is no pointer to or mention of [MD5], [prop1], [prop2], [prop3],
> [RIPEMD-160], [UTF-16], [URN], or [X509v3] in the text. However, I  
> have
> retained the references and moved them all to the Informational  
> References
> section.
>
> I shall attempt to complete a similar review of xmldsig-core-11 soon.
>
> Peter
>
> <xmlenc.ref>

Received on Tuesday, 7 July 2009 13:35:52 UTC