W3C home > Mailing lists > Public > public-xmlsec@w3.org > May 2009

Re: ACTION-248: RFC strawman for additional algorithms

From: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
Date: Tue, 12 May 2009 15:49:55 +0200
Message-ID: <4A097E83.8020502@iaik.tugraz.at>
To: Thomas Roessler <tlr@w3.org>
CC: XMLSec WG Public List <public-xmlsec@w3.org>, d3e3e3@gmail.com, Eastlake III Donald <Donald.Eastlake@motorola.com>
Thomas Roessler schrieb:
> I didn't work off RFC 4051, but off the XML Signature 1.1 spec.  So,  
> I'm confused.
>   
XMLDSIG 1.1 references RFC4051 and the latter has an error introduced in
the transition form
http://tools.ietf.org/html/draft-eastlake-xmldsig-uri-09#section-2.3.1
to http://tools.ietf.org/html/rfc4051#section-2.3.1 .

This error seems to be caused by the fact that RFC2437 8.1.1 is now
RFC3447 8.1.1 .

regards
Konrad

> On 12 May 2009, at 15:34, Konrad Lanz wrote:
>   
>> Hi Thomas,
>>
>> taking a closer look at RFC4051 there seems to be an error in the
>> reference updated from PKCS 1.5 to PKCS 2.1.
>>
>> It seem that section 2.3.1 erroneously references RSA-PSS instead of
>> normal RSA:
>>
>> right old ref.: http://tools.ietf.org/html/rfc2437#section-8.1.1
>> wrong new ref.: http://tools.ietf.org/html/rfc3447#section-8.1.1
>> right new ref.: http://tools.ietf.org/html/rfc3447#section-8.2.1
>>
>> Thoughts?
>>
>> best regards
>> Konrad
>>
>> Thomas Roessler schrieb:
>>     
>>> Here:
>>>   http://www.w3.org/2008/xmlsec/Drafts/algorithms-rfc/draft.html
>>>   http://www.w3.org/2008/xmlsec/Drafts/algorithms-rfc/draft.txt
>>>
>>> The source is in CVS (the xml file in the same directory).
>>>
>>> Konrad, I've thrown you in as a co-author since this was your
>>> initiative; please fix the address information.  Also, it would be
>>> great if you could complete the references; feel free to make other
>>> changes as needed.
>>>
>>> The document is produced using the "xml2rfc" tool:
>>>   http://xml.resource.org/authoring/draft-mrose-writing-rfcs.html
>>>
>>> Regards,
>>> --
>>> Thomas Roessler, W3C  <tlr@w3.org>
>>>
>>>
>>>
>>>
>>>
>>>
>>>       
>> -- 
>> Konrad Lanz, IAIK/SIC - Graz University of Technology
>> Inffeldgasse 16a, 8010 Graz, Austria
>> Tel: +43 316 873 5547
>> Fax: +43 316 873 5520
>> http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/
>> http://jce.iaik.tugraz.at/sic/products/xml_security
>>
>> Downlaod certificate chain (including the EuroPKI root certificate):
>> http://ca.iaik.tugraz.at/capso/certs.jsp
>>
>> <Konrad_Lanz.vcf>
>>     
>
>
>   


-- 
Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520
http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/
http://jce.iaik.tugraz.at/sic/products/xml_security

Downlaod certificate chain (including the EuroPKI root certificate):
http://ca.iaik.tugraz.at/capso/certs.jsp



Received on Tuesday, 12 May 2009 13:50:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:58 GMT