W3C home > Mailing lists > Public > public-xmlsec@w3.org > April 2010

Re: Comment for the latest Working Draft of Encryption 1.1

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Thu, 8 Apr 2010 22:31:26 +0200
Message-ID: <70D082DA039E41BE86DB06A938D02417@AndersPC>
To: "Frederick Hirsch" <Frederick.Hirsch@nokia.com>
Cc: "Frederick Hirsch" <Frederick.Hirsch@nokia.com>, "Satoru Kanno" <kanno.satoru@po.ntts.co.jp>, <public-xmlsec-comments@w3.org>, <kanda.masayuki@lab.ntt.co.jp>, "XMLSec WG Public List" <public-xmlsec@w3.org>
Absolutely!  I wasn't aware of this document actually...

Regards,
Anders

----- Original Message ----- 
From: "Frederick Hirsch" <Frederick.Hirsch@nokia.com>
To: "ext Anders Rundgren" <anders.rundgren@telia.com>
Cc: "Frederick Hirsch" <Frederick.Hirsch@nokia.com>; "Satoru Kanno" <kanno.satoru@po.ntts.co.jp>; 
<public-xmlsec-comments@w3.org>; <kanda.masayuki@lab.ntt.co.jp>; "XMLSec WG Public List" 
<public-xmlsec@w3.org>
Sent: Thursday, April 08, 2010 22:23
Subject: Re: Comment for the latest Working Draft of Encryption 1.1


Does the "XML Security Algorithm Cross-Reference"  not serve this
need, while avoiding duplication of definitions?

http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html

regards, Frederick

Frederick Hirsch
Nokia



On Apr 8, 2010, at 5:28 AM, ext Anders Rundgren wrote:

> I strongly support the idea of a limited set of MANDATORY algorithms
> but I would not feel too awkward about having an appendix with
> (non-normative) extension objects that could contain Camellia.
>
> It is not perfect but it is a least best better than nothing and
> for an implementer it gives about the same results :-)
> (I'm an implementer...)
>
> Anders
> http://webpki.org/auth-token-4-the-cloud.html
>
> Satoru Kanno wrote:
>> Dear Frederick,
>>
>> We strongly appreciated your discussing again for Camellia cipher.
>> Although we can understand your resolution, we greatly expected to
>> add
>> Camellia cipher to XML Encryption 1.1 because there are XML
>> encryption
>> products loading Camellia, e.g., XSECT Library of IAIK-Java.
>>
>> Anyway, we wish Camellia to be implemented in XML Encryption library
>> as well as AES.
>> If so in the future, we hope to discuss the adoption of Camellia into
>> XML Encryption again.
>>
>> Best regards,
>> Satoru
>>
>>
>> (2010/04/07 8:42), Frederick Hirsch wrote:
>>> Satoru
>>>
>>> The XML Security WG discussed your original request to add the
>>> Camelia
>>> cipher to XML Encryption 1.1 on 16 June 2009 [1] after you raised it
>>> last year [2]. At that time the Working Group (WG) decided not to
>>> add
>>> this additional algorithm to the XML Encryption 1.1 specification,
>>> but
>>> to include it in the XML Security Algorithms Cross Reference [3]. We
>>> documented the decision to add it to the cross-reference but did not
>>> formally make a resolution to not add it to XML Encryption 1.1 At
>>> the 30
>>> March 2010 teleconference the WG re-affirmed its previous decision
>>> and
>>> made a formal resolution not to add Camelia to XML Encryption 1.1,
>>> to
>>> document the decision for the record [4].
>>>
>>> The reason the WG decided not to include this algorithm in the XML
>>> Encryption 1.1 specification itself has not changed. The rationale
>>> is
>>> that the XML Encryption 1.1 specification itself should include a
>>> minimum set of algorithm definitions and rely on extension points to
>>> allow additional algorithms. There are two reasons for this. First,
>>> algorithms included in the specification should have wide
>>> implementation
>>> support as evidenced by interop testing performed during the
>>> development
>>> of the specification, and adding additional algorithms has a WG
>>> cost in
>>> terms of formally testing interoperability. Secondly, including
>>> additional algorithms imposes additional costs and requirements on
>>> developers.
>>>
>>> However, since XML Encryption 1.1 is extensible, adoption of
>>> Camelia is
>>> possible with it. To enable this and facilitate the discovery of
>>> information about algorithms the WG has created the XML Security
>>> Algorithms Cross Reference and has included Camelia in it.
>>>
>>> Unless we have new arguments for adding this algorithm suite to
>>> the XML
>>> Encryption 1.1 we shall consider this issue closed (ISSUE-195 and
>>> ISSUE-134).
>>>
>>> Thank you.
>>>
>>> regards, Frederick
>>>
>>> Frederick Hirsch, Nokia
>>> Chair XML Security WG
>>>
>>> [1] http://www.w3.org/2009/06/16-xmlsec-minutes.html#item09
>>>
>>> [2] ISSUE-134 , http://www.w3.org/2008/xmlsec/track/issues/134
>>>
>>> [3] http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100316/
>>>
>>> [4] http://www.w3.org/2010/03/30-xmlsec-minutes.html
>>>
>>>
>>>
>>> On Mar 18, 2010, at 12:20 AM, ext Satoru Kanno wrote:
>>>
>>>> Hi, Folks
>>>>
>>>> We have a comment for the latest Working Draft of Encryption 1.1.
>>>>
>>>> We strongly think that the Camellia cipher should be adopted
>>>> by not only Cross-Reference but also XML Encryption 1.1.
>>>> Because the Camellia cipher is described in RFC4051, which is
>>>> Standard
>>>> track RFC.
>>>>
>>>> Does this have any problems?
>>>>
>>>> Of course, current Cross-Reference document already includes the
>>>> Camellia cipher.
>>>>
>>>> For your information, Camellia has been already adopted in TLS,
>>>> IPsec, S/MIME, OpenPGPG, Kerberos (plans), and other standards.
>>>> In addition, as open source software, Camellia is loaded to
>>>> OpenSSL,
>>>> Firefox, Linux, FreeBSD, MIT Kerberos KRB5 (scheduled), and so on.
>>>> For more information on Camellia cipher, please see at;
>>>> http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html
>>>>
>>>> Best regards,
>>>>
>>>> -- 
>>>> Satoru Kanno
>>>>
>>>> Security Business Unit
>>>> Mobile and Security Solution Business Group
>>>> NTT Software Corporation
>>>>
>>>> e-mail: kanno.satoru@po.ntts.co.jp
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>
Received on Thursday, 8 April 2010 20:32:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 8 April 2010 20:32:02 GMT