- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 7 Dec 2011 10:52:26 +0100
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Thomas Roessler <tlr@w3.org>, Tibor Jager <tibor.jager@gmail.com>, Juraj Somorovsky <juraj.somorovsky@rub.de>
Tiber Jäger points out to me that the current draft for XML Enc 1.1 has a minor wording mistake: > AES-GCM [SP800-38D] is an authenticated encryption mechanism. It is equivalent to doing these two operations in one step - HMAC signing followed by AES-CBC encryption. Correction: > AES-GCM […] is an authenticated encryption mechanism. It is equivalent to do these two operations in one step, AES encryption followed by HMAC signing. http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.html#sec-AES-GCM (The point is to authenticate the ciphertext, not the plaintext.) -- Thomas Roessler, W3C <tlr@w3.org> (@roessler)
Received on Wednesday, 7 December 2011 09:52:31 UTC