W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2011

Re: XML Security 1.1 Editorial Updates

From: <Frederick.Hirsch@nokia.com>
Date: Fri, 21 Jan 2011 14:31:39 +0100
To: <mnystrom@microsoft.com>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <CADB6823-BB75-4CBF-9CF2-7E5785A4C387@nokia.com>
Magnus

I actually forgot that second one, thanks for remembering it. Do you mind proposing some text?

regards, Frederick

Frederick Hirsch
Nokia



On Jan 21, 2011, at 1:23 AM, ext Magnus Nystrom wrote:

> Looks good Frederick. For the change in 3.3.3.2 I would perhaps have written:
> 
> " Note: For consistency with existing public key value element names (ds:RSAKeyValue, ds:DSAKeyValue), XML Signature 1.1 defined ECKeyValue instead of ECPublicKey."
> 
> You didn't think there was any reason to include anything about:
> 
>> - The document does not mention the work that led to the new elements "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" 
>> or "X509Digest". It might be useful to include a motivation for that work? (For dsig11:X509Digest there is already a pretty good motivation 
>> in XML Dsig 1.1.).
> 
> then?
> -- Magnus
> 
> 
>> -----Original Message-----
>> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
>> Sent: Thursday, January 20, 2011 1:55 PM
>> To: Magnus Nystrom
>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
>> Subject: XML Security 1.1 Editorial Updates
>> 
>> I have updated the XML Security 1.1 Requirements editors draft
>> 
>> (1) to use ReSpec to pick up common formatting and updated references.
>> 
>> (2) I have also made updates related to your comments as noted below (and
>> removed wrapping attack reference since it is not really relevant to 1.1 updates).
>> 
>> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html
>> 
>> Please let me also know of any issues with the draft, otherwise I suggest we
>> publish this update in conjunction with the 1.1 CR publications.
>> 
>> (Also added wrapping attack reference to 2.0 requirements draft)
>> 
>> regards, Frederick
>> 
>> Frederick Hirsch
>> Nokia
>> 
>> 
>> 
>> On Jan 18, 2011, at 1:33 AM, ext Magnus Nystrom wrote:
>> 
>>> Frederick, All,
>>> I have compared the XML Security 1.1 Requirements and Design
>> Considerations document against our deliverables. A few observations:
>>> 
>>> - Section 3.2.3: The sub-subsections of this subsection should probably be
>> changed to enumerated requirements or else the comparison in Section 3.2.4 is
>> harder to follow.
>> 
>> Updated 3.2.3 to include R# in heading to ease referral
>> 
>> 
>>> - Section 3.2.5.1: Change "cannot meet formally meet" to "cannot formally
>> meet"
>> fixed
>> 
>>> - Section 3.3.2.1:
>>> a) Perhaps add that those requirements also apply to XML Encryption 1.1, as
>> applicable (e.g. the SHA requirements).
>> 
>> agree, done
>> 
>> 
>>> b)
>> 
>>> .
>> 
>> Added notes to this effect.
>> 
>>> - Section 3.3.3.2: We never defined an ECPublicKey type, we ended up with
>> ECKeyValue (for good reason).
>> 
>> Added a note to this effect.
>> 
>> 
>>> - The document does not mention the work that led to the new elements
>> "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or "X509Digest".
>> It might be useful to include a motivation for that work? (For dsig11:X509Digest
>> there is already a pretty good motivation in XML Dsig 1.1.).
>>> 
>>> Other than that I think this looks good.
>>> 
>>> -- Magnus
>>> 
>>>> -----Original Message-----
>>>> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
>>>> Sent: Monday, January 17, 2011 11:56 AM
>>>> To: Magnus Nystrom
>>>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
>>>> Subject: Editorial updates per ACTION-767 proposals
>>>> 
>>>> I've completed the Editorial updates for
>>>> 
>>>> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to unify
>>>> handling of with/omit comments),
>>>> 
>>>> 2. the XML Encryption 1.1 explanation document (also changed title),
>>>> and
>>>> 
>>>> 3. Generic Hybrid Ciphers.
>>>> 
>>>> Still need to look at requirements document.
>>>> 
>>>> Open:
>>>> 
>>>> Need direct link for X9.44 (not a blocker for CR) Need RFC for
>>>> ECC-ALGS (but not a blocker for CR) Update 1.1 cross references when
>>>> going to CR
>>>> 
>>>> regards, Frederick
>>>> 
>>>> Frederick Hirsch
>>>> Nokia
>>>> 
>>>> 
>>>> 
>>>> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote:
>>>> 
>>>>> Frederick, All,,
>>>>> This is in response to ACTION-767 assigned to me last week.
>>>>> 
>>>>> I don't know where the references are stored any longer so I have
>>>>> not done
>>>> any changes in the sources themselves but I did note the following:
>>>>> 
>>>>> XML Encryption 1.1:
>>>>> -------------------------
>>>>> - The reference for NFC: The URL should be preceded by the string
>>>>> "URL:" as for other references
>>>>> - The reference for ANSI X9.52 should be linked as the reference for
>>>>> ANSI
>>>> X9.44. As it is right now, one only gets to the generic ANSI home page.
>>>>> - The link to XML Signature Syntax and Processing Version 1.1 will
>>>>> need to be
>>>> updated eventually; same for XML Encryption Syntax and Processing 1.1.
>>>>> - For [ECC-ALGS], we should check if it has been given an RFC number
>>>>> yet. I will
>>>> follow up on this. I believe it should still be informative in this document.
>>>>> 
>>>>> Outside of the references:
>>>>> - Section 5.1.1: Should probably be consistent in how we reference
>>>>> the
>>>> "with"/"omit" comments; sometimes we write "(omit comments)" and
>>>> sometimes "with comments" (i.e. without parenthesis) and sometimes
>>>> "comments" is spelled with a capital "C".
>>>>> - Section 8.2, replace "they will be" with "there will be"
>>>>> 
>>>>> Explain:
>>>>> -----------
>>>>> - My affiliation should be changed to Microsoft.
>>>>> - 3.3: Change "Clarify" to "Clarified that"
>>>>> - 5.4.2: That change is not relative to 1.0 and so I am not sure it
>>>>> should be in
>>>> here.
>>>>> - "Message Authentication ..." - change "200900602" to "20090602"
>>>>> - 8.2: Change description of first change to: "Changed "MIME media
>>>>> type
>>>> name" to " Type name" and "MIME subtype name" to "Subtype name"
>>>>> 
>>>>> Generic Hybrid Ciphers:
>>>>> -----------------------------
>>>>> - Section 9, "Acknowledgements" is empty; in line with the other
>>>>> documents I
>>>> suggest removing this section altogether and instead creating a
>>>> Section 1.2 "Acknowledgements" with the following text:
>>>>> 
>>>>> The contributions of the following Working Group members to this
>>>> specification are gratefully acknowledged in accordance with the
>>>> contributor policies and the active WG roster: Frederick Hirsch,
>>>> Brian LaMacchia, Thomas Roessler, Magnus Nyström, Bruce Rich, Scott
>>>> Cantor, Hal Lockhart, Cynthia Martin, Ed Simon, Pratik Datta and Meiko
>> Jensen.
>>>>> 
>>>>> Additionally, we thank Burt Kaliski of EMC for his comments during
>>>>> and
>>>> subsequent to Last Call.
>>>>> 
>>>>> - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1]
>>>>> should be
>>>> updated, eventually, just as for XML Encryption 1.1.
>>>>> 
>>>>> Requirements
>>>>> -----------------
>>>>> (I was not sure what to do here, but I did check the references
>>>>> section as per below:)
>>>>> - [C14N-REQS]: The URL is different between the hyperlink in the
>>>>> title and the
>>>> explicit URL.
>>>>> - [C14N11]: Same as previous comment
>>>>> - [EXI]: Missing hyperlink in title
>>>>> - [Gajek]: Missing hyperlink in title
>>>>> - [Infoset]: Missing hyperlink in title
>>>>> - [McIntoshAustel] - Missing URL altogether. A possible URL is:
>>>>> http://portal.acm.org/citation.cfm?doid=1103022.1103026
>>>>> - PKCS #5: Missing hyperlink in title
>>>>> - RFC 2633 is obsoleted by RFC 3851
>>>>> - SigProp: Different URL for title than for explicit URL.
>>>>> - XMLDsig2nd: Missing hyperlink in title
>>>>> 
>>>>> Best,
>>>>> -- Magnus
>>>>> 
>>>>> 
>>>> 
>>> 
>> 
> 
Received on Friday, 21 January 2011 13:32:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 21 January 2011 13:32:23 GMT