W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2011

RE: Editorial updates per ACTION-767 proposals

From: Magnus Nystrom <mnystrom@microsoft.com>
Date: Tue, 18 Jan 2011 06:33:42 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>
CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <D744D68428430B4F9C81DE8A4D5950680733003D@TK5EX14MBXW605.wingroup.windeploy.ntdev.microsoft.com>
Frederick, All,
I have compared the XML Security 1.1 Requirements and Design Considerations document against our deliverables. A few observations:

- Section 3.2.3: The sub-subsections of this subsection should probably be changed to enumerated requirements or else the comparison in Section 3.2.4 is harder to follow.
- Section 3.2.5.1: Change "cannot meet formally meet" to "cannot formally meet"
- Section 3.3.2.1:
a) Perhaps add that those requirements also apply to XML Encryption 1.1, as applicable (e.g. the SHA requirements).
b) HMAC-SHA384 and HMAC-SHA512 are actually "Recommended", not "Optional" in XML DSig 1.1.
c) Use of ECDSAwithSHA1 is DISCOURAGED in XML DSig 1.1.
- Section 3.3.3.2: We never defined an ECPublicKey type, we ended up with ECKeyValue (for good reason).
- The document does not mention the work that led to the new elements "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or "X509Digest". It might be useful to include a motivation for that work? (For dsig11:X509Digest there is already a pretty good motivation in XML Dsig 1.1.).

Other than that I think this looks good.

-- Magnus

> -----Original Message-----
> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
> Sent: Monday, January 17, 2011 11:56 AM
> To: Magnus Nystrom
> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
> Subject: Editorial updates per ACTION-767 proposals
> 
> I've completed the Editorial updates for
> 
> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to unify handling
> of with/omit comments),
> 
> 2. the XML Encryption 1.1 explanation document (also changed title), and
> 
> 3. Generic Hybrid Ciphers.
> 
> Still need to look at requirements document.
> 
> Open:
> 
> Need direct link for X9.44 (not a blocker for CR) Need RFC for ECC-ALGS (but not
> a blocker for CR) Update 1.1 cross references when going to CR
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote:
> 
> > Frederick, All,,
> > This is in response to ACTION-767 assigned to me last week.
> >
> > I don't know where the references are stored any longer so I have not done
> any changes in the sources themselves but I did note the following:
> >
> > XML Encryption 1.1:
> > -------------------------
> > - The reference for NFC: The URL should be preceded by the string
> > "URL:" as for other references
> > - The reference for ANSI X9.52 should be linked as the reference for ANSI
> X9.44. As it is right now, one only gets to the generic ANSI home page.
> > - The link to XML Signature Syntax and Processing Version 1.1 will need to be
> updated eventually; same for XML Encryption Syntax and Processing 1.1.
> > - For [ECC-ALGS], we should check if it has been given an RFC number yet. I will
> follow up on this. I believe it should still be informative in this document.
> >
> > Outside of the references:
> > - Section 5.1.1: Should probably be consistent in how we reference the
> "with"/"omit" comments; sometimes we write "(omit comments)" and
> sometimes "with comments" (i.e. without parenthesis) and sometimes
> "comments" is spelled with a capital "C".
> > - Section 8.2, replace "they will be" with "there will be"
> >
> > Explain:
> > -----------
> > - My affiliation should be changed to Microsoft.
> > - 3.3: Change "Clarify" to "Clarified that"
> > - 5.4.2: That change is not relative to 1.0 and so I am not sure it should be in
> here.
> > - "Message Authentication ..." - change "200900602" to "20090602"
> > - 8.2: Change description of first change to: "Changed "MIME media type
> name" to " Type name" and "MIME subtype name" to "Subtype name"
> >
> > Generic Hybrid Ciphers:
> > -----------------------------
> > - Section 9, "Acknowledgements" is empty; in line with the other documents I
> suggest removing this section altogether and instead creating a Section 1.2
> "Acknowledgements" with the following text:
> >
> > The contributions of the following Working Group members to this
> specification are gratefully acknowledged in accordance with the contributor
> policies and the active WG roster: Frederick Hirsch, Brian LaMacchia, Thomas
> Roessler, Magnus Nyström, Bruce Rich, Scott Cantor, Hal Lockhart, Cynthia
> Martin, Ed Simon, Pratik Datta and Meiko Jensen.
> >
> > Additionally, we thank Burt Kaliski of EMC for his comments during and
> subsequent to Last Call.
> >
> > - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1] should be
> updated, eventually, just as for XML Encryption 1.1.
> >
> > Requirements
> > -----------------
> > (I was not sure what to do here, but I did check the references
> > section as per below:)
> > - [C14N-REQS]: The URL is different between the hyperlink in the title and the
> explicit URL.
> > - [C14N11]: Same as previous comment
> > - [EXI]: Missing hyperlink in title
> > - [Gajek]: Missing hyperlink in title
> > - [Infoset]: Missing hyperlink in title
> > - [McIntoshAustel] - Missing URL altogether. A possible URL is:
> > http://portal.acm.org/citation.cfm?doid=1103022.1103026
> > - PKCS #5: Missing hyperlink in title
> > - RFC 2633 is obsoleted by RFC 3851
> > - SigProp: Different URL for title than for explicit URL.
> > - XMLDsig2nd: Missing hyperlink in title
> >
> > Best,
> > -- Magnus
> >
> >
> 
Received on Tuesday, 18 January 2011 06:34:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 18 January 2011 06:34:29 GMT