Last Call WD of XML Signature 1.1 and XML Encryption; deadline 22 December 2010 from Frederick.Hirsch@nokia.com on 2010-11-30 (public-xmlsec@w3.org from November 2010)

From: <Frederick.Hirsch@nokia.com>
Date: Tue, 30 Nov 2010 17:07:15 +0100
To: <chairs@w3.org>, <public-xmlsec@w3.org>
CC: <Frederick.Hirsch@nokia.com>, <tlr@w3.org>
Message-ID: <46A1D0DA-39CD-49BE-99E2-3FE9DD0D6408@nokia.com>

Today (30 November) the XML Security WG has published a third Last Call Working Draft (LCWD) of XML Signature 1.1 [1] and a second LCWD of XML Encryption [2]. The last call review period ends 22 December 2010.

The LCWD for XML Signature 1.1 is for the following changes:

1. Added X509Digest element and deprecated the X509IssuerSerial element

2. Changed ECKeyValue attribute from URN to URI in section 4.5.2.3.

3. Replaced normative SEC1 reference (Elliptic Curve Cryptography, Version 2.0, Standards for Efficient Cryptography Group, May 2009. URL:http://www.secg.org/download/aid-780/sec1-v2.pdf ) with ECC-ALGS reference (D. McGrew, K. Igoe, M. Salter. Fundamental Elliptic Curve Cryptography Algorithms, IETF Internet Draft, May 21, 2010, URL:http://tools.ietf.org/id/draft-mcgrew-fundamental-ecc-03.txt )

See http://www.w3.org/TR/2010/WD-xmldsig-core1-20101130/

The LCWD of XML Encryption is for the following changes:

1. PBKDF2 schema updated to remove default from PRFAlgorithmIdentifierType

2. Added recommendation to use HMAC-SHA256 with PBKDF2 instead of HMAC-SHA1

3. Updated text regarding use of Type and MimeType with EXI

4. Incorporated corrections based on previous Last Call comments (LC-2420 and LC-2386) [3].

5. Replaced normative SP800-56A reference (NIST Special Publication 800-56A: Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised). March 2007 URI: http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf) for ECDH in Section 5.6.4 (Elliptic Curve Diffie-Hellman (ECDH) Key Agreement) with ECC-ALGS reference (D. McGrew, K. Igoe, M. Salter. Fundamental Elliptic Curve Cryptography Algorithms, IETF Internet Draft, May 21, 2010, URL:http://tools.ietf.org/id/draft-mcgrew-fundamental-ecc-03.txt ).

See http://www.w3.org/TR/2010/WD-xmlenc-core1-20101130/

The comment deadline for the 3 week Last Call of these two documents is 22 December and all comments should be sent to public-xmlsec@w3.org

Thank you.

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

[1] http://www.w3.org/TR/2010/WD-xmldsig-core1-20101130/

[2] http://www.w3.org/TR/2010/WD-xmlenc-core1-20101130/

[3] http://www.w3.org/2006/02/lc-comments-tracker/42458/WD-xmlenc-core1-20100513/

Received on Tuesday, 30 November 2010 16:08:32 UTC