Re: Comment for the latest Working Draft of Encryption 1.1

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Thu, 08 Apr 2010 11:28:05 +0200
Message-ID: <4BBDA1A5.4030204@telia.com>
To: Satoru Kanno <kanno.satoru@po.ntts.co.jp>
CC: Frederick Hirsch <frederick.hirsch@nokia.com>, public-xmlsec-comments@w3.org, kanda.masayuki@lab.ntt.co.jp, XMLSec WG Public List <public-xmlsec@w3.org>

I strongly support the idea of a limited set of MANDATORY algorithms
but I would not feel too awkward about having an appendix with
(non-normative) extension objects that could contain Camellia.

It is not perfect but it is at least better than nothing and
for an implementer it gives about the same results :-)
(I'm an implementer...)

Anders
http://webpki.org/auth-token-4-the-cloud.html

Satoru Kanno wrote:
> Dear Frederick,
> 
> We strongly appreciated your discussing the Camellia cipher again.
> Although we can understand your resolution, we greatly expected to add
> the Camellia cipher to XML Encryption 1.1 because there are XML encryption
> products loading Camellia, e.g., XSECT Library of IAIK-Java.
> 
> Anyway, we wish Camellia to be implemented in XML Encryption library
> as well as AES.
> If so in the future, we hope to discuss the adoption of Camellia into
> XML Encryption again.
> 
> Best regards,
> Satoru
> 
> 
> (2010/04/07 8:42), Frederick Hirsch wrote:
>> Satoru
>>
>> The XML Security WG discussed your original request to add the Camellia
>> cipher to XML Encryption 1.1 on 16 June 2009 [1] after you raised it
>> last year [2]. At that time the Working Group (WG) decided not to add
>> this additional algorithm to the XML Encryption 1.1 specification, but
>> to include it in the XML Security Algorithms Cross Reference [3]. We
>> documented the decision to add it to the cross-reference but did not
>> formally make a resolution to not add it to XML Encryption 1.1. At the 30
>> March 2010 teleconference the WG re-affirmed its previous decision and
>> made a formal resolution not to add Camellia to XML Encryption 1.1, to
>> document the decision for the record [4].
>>
>> The reason the WG decided not to include this algorithm in the XML
>> Encryption 1.1 specification itself has not changed. The rationale is
>> that the XML Encryption 1.1 specification itself should include a
>> minimum set of algorithm definitions and rely on extension points to
>> allow additional algorithms. There are two reasons for this. First,
>> algorithms included in the specification should have wide implementation
>> support as evidenced by interop testing performed during the development
>> of the specification, and adding additional algorithms has a WG cost in
>> terms of formally testing interoperability. Secondly, including
>> additional algorithms imposes additional costs and requirements on
>> developers.
>>
>> However, since XML Encryption 1.1 is extensible, adoption of Camellia is
>> possible with it. To enable this and facilitate the discovery of
>> information about algorithms the WG has created the XML Security
>> Algorithms Cross Reference and has included Camellia in it.
>>
>> Unless we have new arguments for adding this algorithm suite to the XML
>> Encryption 1.1 we shall consider this issue closed (ISSUE-195 and
>> ISSUE-134).
>>
>> Thank you.
>>
>> regards, Frederick
>>
>> Frederick Hirsch, Nokia
>> Chair XML Security WG
>>
>> [1] http://www.w3.org/2009/06/16-xmlsec-minutes.html#item09
>>
>> [2] ISSUE-134, http://www.w3.org/2008/xmlsec/track/issues/134
>>
>> [3] http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100316/
>>
>> [4] http://www.w3.org/2010/03/30-xmlsec-minutes.html
>>
>>
>>
>> On Mar 18, 2010, at 12:20 AM, ext Satoru Kanno wrote:
>>
>>> Hi, Folks
>>>
>>> We have a comment for the latest Working Draft of Encryption 1.1.
>>>
>>> We strongly think that the Camellia cipher should be adopted
>>> by not only Cross-Reference but also XML Encryption 1.1.
>>> Because the Camellia cipher is described in RFC4051, which is a Standards
>>> Track RFC.
>>>
>>> Does this have any problems?
>>>
>>> Of course, current Cross-Reference document already includes the
>>> Camellia cipher.
>>>
>>> For your information, Camellia has been already adopted in TLS,
>>> IPsec, S/MIME, OpenPGP, Kerberos (plans), and other standards.
>>> In addition, as open source software, Camellia is loaded to OpenSSL,
>>> Firefox, Linux, FreeBSD, MIT Kerberos KRB5 (scheduled), and so on.
>>> For more information on the Camellia cipher, please see:
>>> http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html
>>>
>>> Best regards,
>>>
>>> -- 
>>> Satoru Kanno
>>>
>>> Security Business Unit
>>> Mobile and Security Solution Business Group
>>> NTT Software Corporation
>>>
>>> e-mail: kanno.satoru@po.ntts.co.jp
>>>
>>>
>>>
>>
>>
>>
> 
> 
Received on Thursday, 8 April 2010 09:28:38 GMT