Re: Updated XML Encryption 1.1

From: <Frederick.Hirsch@nokia.com>
Date: Wed, 12 Oct 2011 18:41:15 +0000
To: <eb2m-mrt@asahi-net.or.jp>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <6D620CB9-37A9-4B05-8842-E7160BF53CDD@nokia.com>

Makoto,

Thanks for noticing this needed change and making an update.  I have a couple of questions.

For the RSA-OAEP defined by http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p  the MGF element should not be present but I don't think this is captured by the rnc schema.

Oxygen shows a syntax error at line 69, "xenc11_MGF = element name MFG {xenc11_MFGType }" - I'm not sure why.

We will also need an rng file.

thanks

regards, Frederick

Frederick Hirsch
Nokia



On Oct 11, 2011, at 9:45 PM, ext MURATA Makoto wrote:

> We then have to change xenc-schema-11.rnc as well.  Attached please find a
> proposal (named xenc-schema-11-rev.rnc).
> 
> There are three changes.
> 
> 1) Addition of MGF and MGFType
> 
> xenc11_MGF = element name MFG {xenc11_MFGType }
> xenc11_MGFType =
>  # Restricts xenc11:AlgorithmIdentifierType
>  attribute Algorithm {xsd:anyURI}
> 
> 2) Addition of an alternative option in xenc_EncryptionMethodOtherParams
> 
>  (attribute Algorithm { xsd:anyURI
> "http://www.w3.org/2001/04/xmlenc#rsa-oaep" },
>   xenc11_MGF?)
> 
> This means that when the value of the Algorithm attribute is c,
> an optional MGF element can occur (after the optional KeySize element).
> 
> 3) Add http://www.w3.org/2001/04/xmlenc#rsa-oaep to the list of known algorithms
> 
> This is needed so that lenient schemas do not allow other elements when
> @Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep".
> 
> Regards,
> Makoto
> 
> 2011/10/12  <Frederick.Hirsch@nokia.com>:
>> I have updated XML Encryption 1.1 editors draft, see http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.html
>> 
>> The changes are as follows:
>> 
>> 1. Implemented change proposed on list and agreed on today's call, with additional change to having MGF as element.
>> 
>> (Proposal at http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0024.html and minutes at http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/att-0032/minutes-2011-10-11.html#item03 )
>> 
>> 2. Updated xenc-schema11.xsd to add MGF element definition. Did *not* add comment to xenc-schema.xsd in EncryptionMethod element to note where this might go as it is described in the text. Thanks to Scott for reviewing and proposing schema improvements.
>> 
>> 3. In addition to changes in proposal, I put in 5.5.2 schema snippet MGF definition, also added second example (one for each URI case). Also changes in proposal to wording to accommodate MGF as an element.
>> 
>> 4. Updated the broken RIPEMD-160 reference and fixed some validation errors in the source.
>> 
>> Please review sections 3.2, 5.1 (Key Transport algorithm identifiers), 5.5 (removed last paragraph), 5.5.1 (added paragraph break), and 5.5.2 (significant revision of text for RSA-OAEP).
>> 
>> Still need to define URL for SHA2 mask generation function (ACTION-845) and update algorithm cross reference (ACTION-846)
>> 
>> Thanks
>> 
>> regards, Frederick
>> 
>> Frederick Hirsch
>> Nokia
>> 
>> This should complete ACTION-844
>> 
>> 
>> 
>> 
> 
> 
> 
> -- 
> 
> Praying for the victims of the Japan Tohoku earthquake
> 
> Makoto
> <xenc-schema-11-rev.rnc>
Received on Wednesday, 12 October 2011 18:42:00 GMT
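
The constraint discussed in this message (no MGF child under rsa-oaep-mgf1p, at most one MGF with a required Algorithm attribute under rsa-oaep) can also be checked by the consumer of the XML instead of relying on the schema alone. The following is an added example, not part of the thread or of the working group's schema; it assumes the MGF element is in the namespace http://www.w3.org/2009/xmlenc11#, takes the rsa-oaep URI exactly as written in the message, and uses a constructed placeholder for the MGF algorithm URI.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
XENC11 = "http://www.w3.org/2009/xmlenc11#"  # assumed namespace of the MGF element
OAEP_MGF1P = XENC + "rsa-oaep-mgf1p"
OAEP = XENC + "rsa-oaep"  # URI exactly as written in the thread

# Constructed sample; urn:example:mgf-placeholder is not a real MGF identifier.
SAMPLE = f"""<doc xmlns:xenc="{XENC}" xmlns:xenc11="{XENC11}">
  <xenc:EncryptionMethod Algorithm="{OAEP_MGF1P}">
    <xenc11:MGF Algorithm="urn:example:mgf-placeholder"/>
  </xenc:EncryptionMethod>
  <xenc:EncryptionMethod Algorithm="{OAEP}">
    <xenc11:MGF Algorithm="urn:example:mgf-placeholder"/>
  </xenc:EncryptionMethod>
  <xenc:EncryptionMethod Algorithm="{OAEP}">
    <xenc11:MGF/>
  </xenc:EncryptionMethod>
</doc>"""


def check_encryption_methods(xml_text):
    """Return (index, algorithm, problem) for each EncryptionMethod breaking the MGF rules."""
    problems = []
    root = ET.fromstring(xml_text)
    for i, em in enumerate(root.iter(f"{{{XENC}}}EncryptionMethod")):
        alg = em.get("Algorithm")
        mgfs = em.findall(f"{{{XENC11}}}MGF")
        if not mgfs:
            continue  # MGF is optional wherever it is allowed
        if alg == OAEP_MGF1P:
            # The case the schema was said not to capture
            problems.append((i, alg, "MGF not allowed for rsa-oaep-mgf1p"))
        elif alg == OAEP:
            if len(mgfs) > 1:
                problems.append((i, alg, "more than one MGF"))
            elif not mgfs[0].get("Algorithm"):
                # xenc11_MGFType declares Algorithm without '?', so it is required
                problems.append((i, alg, "MGF without Algorithm attribute"))
        # Other algorithms are left to the lenient schema and not judged here.
    return problems


if __name__ == "__main__":
    for index, alg, problem in check_encryption_methods(SAMPLE):
        print(f"EncryptionMethod #{index} ({alg}): {problem}")
```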