
Regarding ACTION-528 (ISSUE-188)

From: Magnus Nystrom <mnystrom@microsoft.com>
Date: Mon, 1 Mar 2010 05:09:22 +0000
To: "XMLSec WG Public List (public-xmlsec@w3.org)" <public-xmlsec@w3.org>
Message-ID: <D744D68428430B4F9C81DE8A4D595068070CABA1@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>

Dear all,
This is in response to ACTION-528 that was assigned to me during this week's call.

I reviewed the latest XML DSig draft and the latest XML Enc draft. I am not sure when the text in Section 4.5.8 of XML DSig 1.1 got added, but it is, as Frederick noticed, clearly not correct. I suggest a change to:

4.5.8 XML Encryption EncryptedKey and DerivedKey Elements
The <xenc:EncryptedKey> and <xenc11:DerivedKey> elements defined in [XMLENC-CORE1<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#bib-XMLENC-CORE1>] as children of ds:KeyInfo can be used to convey in-band encrypted or derived key material. In particular, the <xenc:DerivedKey> element may be present when the key used in calculating a Message Authentication Code is derived from a shared secret.

Also, I noted that the current draft of XML Enc 1.1 (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/) does not link to the 1.1 schema (of which I found one copy at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema-11.xsd), but rather twice to the 1.0 schema (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema.xsd).

-- Magnus
Received on Monday, 1 March 2010 05:10:14 UTC
