W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2011

RE: XML Security 1.1 Editorial Updates

From: Magnus Nystrom <mnystrom@microsoft.com>
Date: Fri, 21 Jan 2011 16:22:34 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>
CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <D744D68428430B4F9C81DE8A4D59506811F24016@TK5EX14MBXW602.wingroup.windeploy.ntdev.microsoft.com>
For the X509Digest I suggest using more or less what's in the XMLDisg document (perhaps moving it from there even). For the others, I wasn't really the one driving those additions so I think it may be better if those who were did.

-- Magnus


> -----Original Message-----
> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
> Sent: Friday, January 21, 2011 5:32 AM
> To: Magnus Nystrom
> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
> Subject: Re: XML Security 1.1 Editorial Updates
> 
> Magnus
> 
> I actually forgot that second one, thanks for remembering it. Do you mind
> proposing some text?
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> On Jan 21, 2011, at 1:23 AM, ext Magnus Nystrom wrote:
> 
> > Looks good Frederick. For the change in 3.3.3.2 I would perhaps have written:
> >
> > " Note: For consistency with existing public key value element names
> (ds:RSAKeyValue, ds:DSAKeyValue), XML Signature 1.1 defined ECKeyValue
> instead of ECPublicKey."
> >
> > You didn't think there was any reason to include anything about:
> >
> >> - The document does not mention the work that led to the new elements
> "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference"
> >> or "X509Digest". It might be useful to include a motivation for that
> >> work? (For dsig11:X509Digest there is already a pretty good motivation in
> XML Dsig 1.1.).
> >
> > then?
> > -- Magnus
> >
> >
> >> -----Original Message-----
> >> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
> >> Sent: Thursday, January 20, 2011 1:55 PM
> >> To: Magnus Nystrom
> >> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
> >> Subject: XML Security 1.1 Editorial Updates
> >>
> >> I have updated the XML Security 1.1 Requirements editors draft
> >>
> >> (1) to use ReSpec to pick up common formatting and updated references.
> >>
> >> (2) I have also made updates related to your comments as noted below
> >> (and removed wrapping attack reference since it is not really relevant to 1.1
> updates).
> >>
> >> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html
> >>
> >> Please let me also know of any issues with the draft, otherwise I
> >> suggest we publish this update in conjunction with the 1.1 CR publications.
> >>
> >> (Also added wrapping attack reference to 2.0 requirements draft)
> >>
> >> regards, Frederick
> >>
> >> Frederick Hirsch
> >> Nokia
> >>
> >>
> >>
> >> On Jan 18, 2011, at 1:33 AM, ext Magnus Nystrom wrote:
> >>
> >>> Frederick, All,
> >>> I have compared the XML Security 1.1 Requirements and Design
> >> Considerations document against our deliverables. A few observations:
> >>>
> >>> - Section 3.2.3: The sub-subsections of this subsection should
> >>> probably be
> >> changed to enumerated requirements or else the comparison in Section
> >> 3.2.4 is harder to follow.
> >>
> >> Updated 3.2.3 to include R# in heading to ease referral
> >>
> >>
> >>> - Section 3.2.5.1: Change "cannot meet formally meet" to "cannot
> >>> formally
> >> meet"
> >> fixed
> >>
> >>> - Section 3.3.2.1:
> >>> a) Perhaps add that those requirements also apply to XML Encryption
> >>> 1.1, as
> >> applicable (e.g. the SHA requirements).
> >>
> >> agree, done
> >>
> >>
> >>> b)
> >>
> >>> .
> >>
> >> Added notes to this effect.
> >>
> >>> - Section 3.3.3.2: We never defined an ECPublicKey type, we ended up
> >>> with
> >> ECKeyValue (for good reason).
> >>
> >> Added a note to this effect.
> >>
> >>
> >>> - The document does not mention the work that led to the new
> >>> elements
> >> "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or
> "X509Digest".
> >> It might be useful to include a motivation for that work? (For
> >> dsig11:X509Digest there is already a pretty good motivation in XML Dsig
> 1.1.).
> >>>
> >>> Other than that I think this looks good.
> >>>
> >>> -- Magnus
> >>>
> >>>> -----Original Message-----
> >>>> From: Frederick.Hirsch@nokia.com
> >>>> [mailto:Frederick.Hirsch@nokia.com]
> >>>> Sent: Monday, January 17, 2011 11:56 AM
> >>>> To: Magnus Nystrom
> >>>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
> >>>> Subject: Editorial updates per ACTION-767 proposals
> >>>>
> >>>> I've completed the Editorial updates for
> >>>>
> >>>> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to
> >>>> unify handling of with/omit comments),
> >>>>
> >>>> 2. the XML Encryption 1.1 explanation document (also changed
> >>>> title), and
> >>>>
> >>>> 3. Generic Hybrid Ciphers.
> >>>>
> >>>> Still need to look at requirements document.
> >>>>
> >>>> Open:
> >>>>
> >>>> Need direct link for X9.44 (not a blocker for CR) Need RFC for
> >>>> ECC-ALGS (but not a blocker for CR) Update 1.1 cross references
> >>>> when going to CR
> >>>>
> >>>> regards, Frederick
> >>>>
> >>>> Frederick Hirsch
> >>>> Nokia
> >>>>
> >>>>
> >>>>
> >>>> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote:
> >>>>
> >>>>> Frederick, All,,
> >>>>> This is in response to ACTION-767 assigned to me last week.
> >>>>>
> >>>>> I don't know where the references are stored any longer so I have
> >>>>> not done
> >>>> any changes in the sources themselves but I did note the following:
> >>>>>
> >>>>> XML Encryption 1.1:
> >>>>> -------------------------
> >>>>> - The reference for NFC: The URL should be preceded by the string
> >>>>> "URL:" as for other references
> >>>>> - The reference for ANSI X9.52 should be linked as the reference
> >>>>> for ANSI
> >>>> X9.44. As it is right now, one only gets to the generic ANSI home page.
> >>>>> - The link to XML Signature Syntax and Processing Version 1.1 will
> >>>>> need to be
> >>>> updated eventually; same for XML Encryption Syntax and Processing 1.1.
> >>>>> - For [ECC-ALGS], we should check if it has been given an RFC
> >>>>> number yet. I will
> >>>> follow up on this. I believe it should still be informative in this document.
> >>>>>
> >>>>> Outside of the references:
> >>>>> - Section 5.1.1: Should probably be consistent in how we reference
> >>>>> the
> >>>> "with"/"omit" comments; sometimes we write "(omit comments)" and
> >>>> sometimes "with comments" (i.e. without parenthesis) and sometimes
> >>>> "comments" is spelled with a capital "C".
> >>>>> - Section 8.2, replace "they will be" with "there will be"
> >>>>>
> >>>>> Explain:
> >>>>> -----------
> >>>>> - My affiliation should be changed to Microsoft.
> >>>>> - 3.3: Change "Clarify" to "Clarified that"
> >>>>> - 5.4.2: That change is not relative to 1.0 and so I am not sure
> >>>>> it should be in
> >>>> here.
> >>>>> - "Message Authentication ..." - change "200900602" to "20090602"
> >>>>> - 8.2: Change description of first change to: "Changed "MIME media
> >>>>> type
> >>>> name" to " Type name" and "MIME subtype name" to "Subtype name"
> >>>>>
> >>>>> Generic Hybrid Ciphers:
> >>>>> -----------------------------
> >>>>> - Section 9, "Acknowledgements" is empty; in line with the other
> >>>>> documents I
> >>>> suggest removing this section altogether and instead creating a
> >>>> Section 1.2 "Acknowledgements" with the following text:
> >>>>>
> >>>>> The contributions of the following Working Group members to this
> >>>> specification are gratefully acknowledged in accordance with the
> >>>> contributor policies and the active WG roster: Frederick Hirsch,
> >>>> Brian LaMacchia, Thomas Roessler, Magnus Nyström, Bruce Rich, Scott
> >>>> Cantor, Hal Lockhart, Cynthia Martin, Ed Simon, Pratik Datta and
> >>>> Meiko
> >> Jensen.
> >>>>>
> >>>>> Additionally, we thank Burt Kaliski of EMC for his comments during
> >>>>> and
> >>>> subsequent to Last Call.
> >>>>>
> >>>>> - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1]
> >>>>> should be
> >>>> updated, eventually, just as for XML Encryption 1.1.
> >>>>>
> >>>>> Requirements
> >>>>> -----------------
> >>>>> (I was not sure what to do here, but I did check the references
> >>>>> section as per below:)
> >>>>> - [C14N-REQS]: The URL is different between the hyperlink in the
> >>>>> title and the
> >>>> explicit URL.
> >>>>> - [C14N11]: Same as previous comment
> >>>>> - [EXI]: Missing hyperlink in title
> >>>>> - [Gajek]: Missing hyperlink in title
> >>>>> - [Infoset]: Missing hyperlink in title
> >>>>> - [McIntoshAustel] - Missing URL altogether. A possible URL is:
> >>>>> http://portal.acm.org/citation.cfm?doid=1103022.1103026
> >>>>> - PKCS #5: Missing hyperlink in title
> >>>>> - RFC 2633 is obsoleted by RFC 3851
> >>>>> - SigProp: Different URL for title than for explicit URL.
> >>>>> - XMLDsig2nd: Missing hyperlink in title
> >>>>>
> >>>>> Best,
> >>>>> -- Magnus
> >>>>>
> >>>>>
> >>>>
> >>>
> >>
> >
> 
Received on Friday, 21 January 2011 16:23:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 21 January 2011 16:23:21 GMT