W3C home > Mailing lists > Public > public-xmlsec@w3.org > November 2010

Re: Call for Consensus - Additional changes to XML Signature 1.1 and XML Encryption before Last Call publication

From: <Frederick.Hirsch@nokia.com>
Date: Wed, 17 Nov 2010 14:54:09 +0100
To: <mnystrom@microsoft.com>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <63286AF3-3497-49B0-A7FC-275CE53FC946@nokia.com>
Correct, please take this as an amendment to the proposal I sent. We still need the reference for ConcatKDF.

regards, Frederick

Frederick Hirsch
Nokia



On Nov 16, 2010, at 8:04 PM, ext Magnus Nystrom wrote:

> Maybe this is what you meant below, but AFAICS, there is only one reference to SP800-56 in XML Encryption 1.1. that would be changed, namely the one in Section 5.6.4. The other ones should stay, I believe (i.e. we would *add* a reference to ECC-ALGS] and keep SP800-56)?
> 
> -- Magnus
> 
>> -----Original Message-----
>> From: public-xmlsec-request@w3.org [mailto:public-xmlsec-request@w3.org]
>> On Behalf Of Frederick.Hirsch@nokia.com
>> Sent: Tuesday, November 16, 2010 4:40 PM
>> To: public-xmlsec@w3.org
>> Cc: Frederick.Hirsch@nokia.com
>> Subject: Call for Consensus - Additional changes to XML Signature 1.1 and XML
>> Encryption before Last Call publication
>> 
>> All
>> 
>> Magnus reminded me that at our 26 October meeting [1] we discussed changing
>> the XML Signature 1.1 [SECG1] reference  [2] to the Mcgrew  reference [3]. I
>> think we had general agreement but made no formal resolution.
>> 
>> Specifically, the proposal is to replace [SECG1] with [ECC-ALGS] in the XML
>> Signature 1.1 text, remove the SECG1 reference, and add the following
>> reference:
>> 
>> [ECC-ALGS] D. McGrew, K. Igoe, M. Salter. Fundamental Elliptic Curve
>> Cryptography Algorithms, IETF Internet Draft,  May 21, 2010, URL:
>> http://tools.ietf.org/id/draft-mcgrew-fundamental-ecc-03.txt
>> 
>> This email is a Call for Consensus to make this change in the XML Signature 1.1
>> draft before the next Last Call publication.
>> 
>> In addition, we should make a similar change to XML Encryption. The proposal is
>> to replace the [SP800-56A] reference [4] to [ECC-ALGS]  as well, This is also a
>> Call for Consensus for that change.
>> If you think we should be making  a different change to XML Encryption, please
>> indicate what that should be in concrete terms - (e.g. if any change to algorithm
>> text is needed).
>> 
>> Please respond on the list to clearly indicate for support for one or both of these
>> changes, or to indicate lack of approval, by this Friday, 19 November.
>> 
>> We will delay Last Call publication to next Tuesday, 23 November, to
>> incorporate these changes if approved. The three week Last Call for XML
>> SIgnature 1.1 and XML Encryption will then end on 14 December.
>> 
>> Please respond on the public list. Lack of response will be taken to indicate
>> agreement with both proposed changes.
>> 
>> Thank you
>> 
>> regards, Frederick
>> 
>> Frederick Hirsch, Nokia
>> Chair XML Security WG
>> 
>> 
>> [1] http://lists.w3.org/Archives/Public/public-xmlsec/2010Oct/att-
>> 0041/minutes-2010-10-26.html#item04
>> 
>> [2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-
>> 11/Overview.html#bib-SECG1
>> 
>> [3] http://tools.ietf.org/id/draft-mcgrew-fundamental-ecc-03.txt
>> 
>> [4] http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-
>> 11/Overview.html#bib-SP800-56A
>> 
>> 
>> 
> 
Received on Wednesday, 17 November 2010 13:55:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 17 November 2010 13:55:09 GMT