Re: Importing 1.0 while normatively referencing 1.1 ( LC-2544) from MURATA Makoto on 2011-08-20 (public-xmlsec@w3.org from August 2011)

From: MURATA Makoto <eb2m-mrt@asahi-net.or.jp>
Date: Sat, 20 Aug 2011 10:39:26 +0900
To: public-xmlsec@w3.org
Message-ID: <CALvn5ED2yczR1jRY3sQRGPgMGDNVosFjJTQwn_19FEzT9WxqQA@mail.gmail.com>

I have to revisit this issue, since a test document gh-example.xml (in
the directory "xml encryption test files")
has

  <ds:KeyInfo>
    <dsig11:ECKeyValue>
      <dsig11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
      <dsig11:PublicKey>DEADBEEF</dsig11:PublicKey>
    </dsig11:ECKeyValue>
  </ds:KeyInfo>

To validate this ECKeyValue element, we need the schema for Signature 1.1.

But this example document might be simply incorrect.  I see other errors
such as

    Algorithm="http://www.w3.org/2009/xmlenc11#GenericHybridCipher"

which is not a valid algorithm identifer.  Is my copy obsolete?

Regards,
Makoto

2011/8/19 MURATA Makoto <eb2m-mrt@asahi-net.or.jp>:
> Agreed.  Thanks.
>
> Regards,
> Makoto
>
> 2011/8/17  <frederick.hirsch@nokia.com>:
>>
>>  Dear MURATA Makoto ,
>>
>> The XML Security Working Group has reviewed the comments you sent [1] on
>> the Last Call Working Draft [2] of the XML Encryption Syntax and Processing
>> Version 1.1 published on 13 May 2010. Thank you for having taken the time
>> to review the document and to send us comments!
>>
>> The Working Group's response to your comment is included below.
>>
>> Please review it carefully and let us know by email at
>> public-xmlsec@w3.org if you agree with it or not before 22 August 2011. In
>> case of disagreement, you are requested to provide a specific solution for
>> or a path to a consensus with the Working Group. If such a consensus cannot
>> be achieved, you will be given the opportunity to raise a formal objection
>> which will then be reviewed by the Director during the transition of this
>> document to the next stage in the W3C Recommendation Track.
>>
>> Thanks,
>>
>> For the XML Security Working Group,
>> Thomas Roessler
>> W3C Staff Contact
>>
>>  1.
>> http://www.w3.org/mid/CALvn5EAQnAT-i4xB0HV+29ta0fp=ijcg77BfofM3o1x44U0jQg@mail.gmail.com
>>  2. http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/
>>
>>
>> =====
>>
>> Your comment on 9.1 XSD Schema XML Encryption Core Schema Instance
>> xenc-sc...:
>>> xenc-schema-11.xsd does not import xmldsig11-schema.xsd but
>>> rather import xmldsigschema.xsd.  However, XML Encryption 1.1
>>> normatively references to XML Signature 1.1 rather than 1.0.
>>> Which is correct?
>>
>>
>> Working Group Resolution (LC-2544):
>> The working group decided to not make any change here as
>> xenc-schema-11.xsd does not require any definitions from
>> xmldsig-11-schema.xsd. All that is required is ds:DigestMethod from
>> xmldsigschmema.xsd; so the current inclusion is correct and does not
>> include unnecessary material.
>>
>> Thus the schema import is correct as is the normative reference to XML
>> SIgnature 1.1 (e.g. to pick up normative changes that are not necessarily
>> reflected by schema changes)
>>
>>
>> ----
>>
>>
>>
>>
>
>
>
> --
>
> Praying for the victims of the Japan Tohoku earthquake
>
> Makoto
>



-- 

Praying for the victims of the Japan Tohoku earthquake

Makoto

Received on Saturday, 20 August 2011 01:40:23 UTC