
RE: proposed XML Encryption 1.1 changes related to OAEP

From: Pratik Datta <pratik.datta@oracle.com>
Date: Wed, 5 Oct 2011 10:38:32 -0700 (PDT)
Message-ID: <8c4ef295-357d-47ac-b4fb-6a3ab1a36657@default>
To: Frederick.Hirsch@nokia.com, public-xmlsec@w3.org

Frederick,

When you said change the URI for RSA-OAEP http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
I assume you mean create a new URI. We obviously cannot get rid of the existing URI for backwards compatibility. For example, this is the "Basic128" and "Basic256" encryption algorithm in WS-Security and it is the most popularly used.

For OAEPParams, instead of describing it as "label", I would go with "PSource specified".

In your redline you have "ds:EncryptionMethod" and "ds11:MGF".
EncryptionMethod is in the "enc" namespace. We should put MGF in the enc11 namespace.


Pratik

-----Original Message-----
From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] 
Sent: Wednesday, October 05, 2011 9:28 AM
To: public-xmlsec@w3.org
Cc: Frederick.Hirsch@nokia.com
Subject: proposed XML Encryption 1.1 changes related to OAEP

Attached are Redline and clean roll-ups of proposed changes to XML Encryption 1.1 based on our list and call discussion.

Changes:

1. define new optional attribute to EncryptionMethod to convey MGF for OAEP

2. change URI for RSA-OAEP not to assume specific MGF (e.g. decouple to allow change to MGF). This is a significant change to decouple MGF definition from algorithm definition

3. Clarify RSA-OAEP section wording to clarify that digest is specified in DigestMethod Algorithm attribute, MGF in MGF attribute with default of MGF1 with SHA1 if not specified, and Label is optionally in OAEPparams XML element.

4. Incorporated outstanding changes from Scott that were previously agreed but not implemented (I believe)

http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0043.html

Comment?

regards, Frederick

Frederick Hirsch
Nokia
Received on Wednesday, 5 October 2011 17:39:11 GMT
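
Added example, not part of either message and not code from the working group: a Python sketch of how a receiver could resolve the effective OAEP parameters under proposed changes 1 to 3 (MGF attribute defaulting to MGF1 with SHA1, digest from DigestMethod, label from OAEPparams). The new algorithm URI, the MGF identifiers, the unqualified `MGF` attribute name and the rejection of a conflicting MGF on the existing URI are assumptions made here; the thread does not specify them.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
LEGACY_OAEP = XENC + "rsa-oaep-mgf1p"  # existing URI quoted in the thread
# Hypothetical placeholders: the thread names neither the new URI nor MGF values.
NEW_OAEP = "urn:example:rsa-oaep"
MGF1_SHA1 = "urn:example:mgf1-sha1"
MGF1_SHA256 = "urn:example:mgf1-sha256"

def resolve_oaep(xml_text):
    """Return the effective mgf, digest and label for one EncryptionMethod."""
    em = ET.fromstring(xml_text)
    alg = em.get("Algorithm")
    if em.tag != f"{{{XENC}}}EncryptionMethod" or alg not in (LEGACY_OAEP, NEW_OAEP):
        raise ValueError("not an RSA-OAEP EncryptionMethod")
    mgf = em.get("MGF")  # assumed unqualified attribute name
    if alg == LEGACY_OAEP:
        # The existing URI implies MGF1 with SHA1; a different MGF would be
        # ambiguous, so this sketch rejects it (a policy choice made here).
        if mgf not in (None, MGF1_SHA1):
            raise ValueError("MGF conflicts with rsa-oaep-mgf1p")
        mgf = MGF1_SHA1
    elif mgf is None:
        mgf = MGF1_SHA1  # default stated in change 3
    dm = em.find(f"{{{DS}}}DigestMethod")
    # The thread states no digest default, so None is returned when absent.
    digest = dm.get("Algorithm") if dm is not None else None
    params = em.find(f"{{{XENC}}}OAEPparams")
    text = (params.text or "").strip() if params is not None else ""
    label = base64.b64decode(text, validate=True)  # empty label when absent
    return {"mgf": mgf, "digest": digest, "label": label}

# Constructed sample documents.
SAMPLE_NEW = f"""<e:EncryptionMethod xmlns:e="{XENC}" xmlns:ds="{DS}"
    Algorithm="{NEW_OAEP}" MGF="{MGF1_SHA256}">
  <ds:DigestMethod Algorithm="{XENC}sha256"/>
  <e:OAEPparams>bGFiZWw=</e:OAEPparams>
</e:EncryptionMethod>"""
SAMPLE_LEGACY = f'<e:EncryptionMethod xmlns:e="{XENC}" Algorithm="{LEGACY_OAEP}"/>'
SAMPLE_CONFLICT = SAMPLE_LEGACY.replace("/>", f' MGF="{MGF1_SHA256}"/>')

if __name__ == "__main__":
    for doc in (SAMPLE_NEW, SAMPLE_LEGACY):
        print(resolve_oaep(doc))
```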
