Re: XML Signature 1.1 KeyInfo requirements (LC-2502)

Dear Sean Mullan,

The XML Security Working Group has reviewed the comments you sent [1] on
the Last Call Working Draft [2] of the XML Signature Syntax and Processing
Version 1.1 published on 3 Mar 2011. Thank you for having taken the time to
review the document and to send us comments!

The Working Group's response to your comment is included below.

Please review it carefully and let us know by email at
public-xmlsec@w3.org if you agree with it or not before 22 August 2011. In
case of disagreement, you are requested to provide a specific solution for
or a path to a consensus with the Working Group. If such a consensus cannot
be achieved, you will be given the opportunity to raise a formal objection
which will then be reviewed by the Director during the transition of this
document to the next stage in the W3C Recommendation Track.

Thanks,

For the XML Security Working Group,
Thomas Roessler
W3C Staff Contact

 1. http://www.w3.org/mid/4E0B7BF4.1080407@oracle.com
 2. http://www.w3.org/TR/2011/CR-xmldsig-core1-20110303/


=====

Your comment on 4.5 The KeyInfo Element KeyInfo is an optional element
that...:
> Section 4.5, paragraph 2:
>
> "If KeyInfo is omitted, the recipient is expected to be able to identify
> the key based on application context. Multiple declarations within
> KeyInfo refer to the same key. While applications may define and use any
> mechanism they choose through inclusion of elements from a different
> namespace, compliant versions must implement KeyValue (section 4.5.2 The
> KeyValue Element) and should implement RetrievalMethod (section 4.5.3 The
> RetrievalMethod Element)."
>
> These requirements seem like they should be revisited, especially since a
> later section says to avoid RetrievalMethod because of potential security
> concerns (see Note in section 4.5.10). Also, does this imply that all
> KeyValues must be supported? I would think it should only be supported if
> there is a required signature algorithm for the corresponding key type.
> Had there ever been any discussion about updating the list of required
> KeyInfo types?
>
> Thanks,
> Sean


Working Group Resolution (LC-2502):
1. Added text to 1st paragraph on KeyInfo section to state the following:

[[
Details of the structure and usage of element children of KeyInfo other
than simple types described in this specification are out of scope. For
example, the definition of PKI certificate contents, certificate ordering,
certificate revocation and CRL management are out of scope.
]]

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfo

Added this text to both XML Signature 1.1 and XML Signature 2.0

2. Added the following note to the section on RetrievalMethod in 1.1
before the schema definition (4.5.3):

[[
Note: The KeyInfoReference element is preferred over use of
RetrievalMethod as it avoids use of Transform child elements that introduce
security risk and implementation challenges.
]]

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-RetrievalMethod

This and the earlier change to make KeyInfoReference a SHOULD instead of
RetrievalMethod (made to both 1.1 and 2.0) should complete the changes to
address LC-2506.

[[
While applications may define and use any mechanism they choose through
inclusion of elements from a different namespace, compliant versions must
implement KeyValue (section 4.5.2 The KeyValue Element) and should
implement KeyInfoReference (section 4.5.10 The KeyInfoReference Element).
KeyInfoReference is preferred over use of RetrievalMethod as it avoids use
of Transform child elements that introduce security risk and implementation
challenges. Support for other children of KeyInfo is optional.
]]

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-KeyInfo



----

Received on Monday, 15 August 2011 18:08:13 UTC
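Added example (not part of the message above, and not code from the Working Group or from any XML Signature library): a small verifier-side KeyInfo policy that mirrors the revised 1.1 text, accepting ds:KeyValue, following dsig11:KeyInfoReference, and refusing ds:RetrievalMethod outright so that its ds:Transforms children are never applied. The namespace URIs are the real ds and dsig11 namespaces; the policy choices (only same-document "#id" references, at most one hop of indirection) and the three sample documents with dummy key material are this example's own assumptions.

```python
# Added example: a KeyInfo acceptance policy that follows the 1.1 text above
# (KeyValue required, KeyInfoReference preferred, RetrievalMethod refused).
# Illustration code only; not the Working Group's or any library's code.
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"      # ds: namespace (XML Signature core)
DS11 = "http://www.w3.org/2009/xmldsig11#"     # dsig11: namespace (KeyInfoReference)

# Children this verifier accepts: KeyValue (MUST in 1.1) and KeyInfoReference
# (SHOULD in 1.1). RetrievalMethod is deliberately absent because its
# ds:Transforms children are the part the WG flagged as a security risk.
ALLOWED_CHILDREN = {f"{{{DS}}}KeyValue", f"{{{DS11}}}KeyInfoReference"}

def find_by_id(root, elem_id):
    """Return the element whose Id attribute equals elem_id, or None."""
    for elem in root.iter():
        if elem.get("Id") == elem_id:
            return elem
    return None

def resolve_keyinfo_reference(root, ref):
    """Resolve a dsig11:KeyInfoReference to the ds:KeyInfo it points at.
    Policy assumption of this example: only same-document fragment URIs
    ("#id") are accepted, so resolution never touches the network."""
    uri = ref.get("URI", "")
    if not uri.startswith("#") or len(uri) < 2:
        raise ValueError(f"KeyInfoReference URI {uri!r} is not a same-document fragment")
    target = find_by_id(root, uri[1:])
    if target is None or target.tag != f"{{{DS}}}KeyInfo":
        raise ValueError(f"KeyInfoReference target {uri!r} is not a ds:KeyInfo element")
    return target

def check_keyinfo(root, keyinfo, depth=0):
    """Walk a ds:KeyInfo and return the ds:KeyValue elements a verifier may
    use; raise ValueError for anything the policy rejects."""
    if depth > 1:  # one hop of indirection is enough; also stops reference loops
        raise ValueError("KeyInfoReference chain is too deep")
    keys = []
    for child in keyinfo:
        if child.tag == f"{{{DS}}}RetrievalMethod":
            raise ValueError("RetrievalMethod is not accepted; use KeyInfoReference")
        if child.tag not in ALLOWED_CHILDREN:
            raise ValueError(f"unsupported KeyInfo child {child.tag}")
        if child.tag == f"{{{DS11}}}KeyInfoReference":
            keys.extend(check_keyinfo(root, resolve_keyinfo_reference(root, child), depth + 1))
        else:
            keys.append(child)
    if not keys:
        raise ValueError("KeyInfo yields no usable key")
    return keys

def usable_keys(doc_text):
    """Parse a document and return the usable KeyValue elements of its Signature."""
    root = ET.fromstring(doc_text)
    keyinfo = root.find(f".//{{{DS}}}Signature/{{{DS}}}KeyInfo")
    if keyinfo is None:
        raise ValueError("Signature carries no KeyInfo; key must come from application context")
    return check_keyinfo(root, keyinfo)

def signer_modulus(doc_text):
    """Modulus text of the first usable RSAKeyValue, or None."""
    mod = usable_keys(doc_text)[0].find(f"{{{DS}}}RSAKeyValue/{{{DS}}}Modulus")
    return None if mod is None else mod.text

def rejection_reason(doc_text):
    """None when the policy accepts the document's KeyInfo, else the reason."""
    try:
        usable_keys(doc_text)
    except ValueError as exc:
        return str(exc)
    return None

# Constructed sample documents (not real signatures; key material is dummy).
GOOD_DOC = f"""<Envelope xmlns:ds="{DS}" xmlns:dsig11="{DS11}">
  <ds:KeyInfo Id="signer-key">
    <ds:KeyValue><ds:RSAKeyValue>
      <ds:Modulus>AQID</ds:Modulus><ds:Exponent>AQAB</ds:Exponent>
    </ds:RSAKeyValue></ds:KeyValue>
  </ds:KeyInfo>
  <ds:Signature><ds:KeyInfo><dsig11:KeyInfoReference URI="#signer-key"/></ds:KeyInfo></ds:Signature>
</Envelope>"""

# Key reached via RetrievalMethod carrying an XSLT Transform: refused before
# anything is fetched or transformed.
BAD_DOC = f"""<Envelope xmlns:ds="{DS}">
  <ds:Signature><ds:KeyInfo>
    <ds:RetrievalMethod URI="#signer-key">
      <ds:Transforms><ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"/></ds:Transforms>
    </ds:RetrievalMethod>
  </ds:KeyInfo></ds:Signature>
</Envelope>"""

# A reference whose target is not a ds:KeyInfo element: refused.
WRONG_TARGET_DOC = f"""<Envelope xmlns:ds="{DS}" xmlns:dsig11="{DS11}">
  <ds:Signature Id="sig"><ds:KeyInfo><dsig11:KeyInfoReference URI="#sig"/></ds:KeyInfo></ds:Signature>
</Envelope>"""

if __name__ == "__main__":
    print(signer_modulus(GOOD_DOC))          # AQID
    print(rejection_reason(BAD_DOC))
    print(rejection_reason(WRONG_TARGET_DOC))
```

The point the resolution makes is visible in the control flow: a KeyInfoReference is just an Id lookup that must land on a ds:KeyInfo, whereas a RetrievalMethod would hand the verifier a Transforms chain to execute before it even holds a key, so the policy stops at the element name and never reads the transforms.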