W3C home > Mailing lists > Public > public-xmlsec@w3.org > May 2010

Urgent and Important: Open issues and actions related to XML Encryption 1.1 and Generic Hybrid Ciphers

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Mon, 3 May 2010 14:33:12 -0400
Message-Id: <D43CC68D-2E2F-4142-A01C-9533C2688FB1@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Please review the following list of open issues and actions relevant  
to getting to Last Call for XML Encryption 1.1 ; please provide  
updates on status.


The following open issues appear to relate to XML Encryption 1.1 and  
Generic Hybrid Ciphers. Apart from the ECC issue, can we resolve the  
others before going to Last Call?

(1) ISSUE-91  ECC can't be REQUIRED

This can remain open as work progresses

(2) ISSUE-178 Highlight additional text constraints on XSD schema as  

Is this essential or a "nice to have"?

(3) ISSUE-180 Section 8 identifies Joseph Reagle as the contact for  
the XML Encryption media type. This needs to be updated, perhaps to a  
generic identity?

(4) ISSUE-192 Namespaces for DerivedKey and pbkdf2 outside of xenc11  


(5) ISSUE-194 Is "the ECPublicKey element" in Encryption 1.1 and  
Signature 1.1 actually the ECKeyValue element?


(6) ISSUE-138 - What interoperability and security issues arise out of  
schema validation behavior?

2.0 issue?


The following open actions appear to relate to XML Encryption 1.1 and  
Generic Hybrid Ciphers

ACTION-280 Produce test cases for derived keys ; Magnus Nyström

Not an action needed to enter last call?

ACTION-452 Review the XML ENC v1.1 document ; Scott Cantor

(C) ACTIONS to Close?

I believe the following actions can be closed, correct?

ACTION-238;  Update the proposal associated with ACTION-222 and send  
to list.; Thomas Roessler

ACTION-515;  Propose the schema addition for issue-186 (normative  
content of 5.4.2, PBKDF2); Aldrin J D'Souza

ACTION-533;  Implement proposed change to XML Encryption 1.1 per  
proposal to resolve ISSUE-186; Aldrin J D'Souza

(D) Other

I assume actions to find out about implementations, test cases and  
interop are not essential for entering last call.

Please review the list of open issues and actions to see that they are  
associated with the correct products and if there is anything else  
related to moving XML Encryption 1.1 or Generic Hybrid Ciphers to Last  




regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Monday, 3 May 2010 18:35:01 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:13 UTC