Re: Re: Importing 1.0 while normatively referencing 1.1 ( LC-2544) ( LC-2561)

From: MURATA Makoto <eb2m-mrt@asahi-net.or.jp>
Date: Sat, 3 Sep 2011 12:16:11 +0900
Message-ID: <CALvn5EABRpMQtc6wvCMTF7esd4n-8n5=cja1V9GLvs2euK+5Lw@mail.gmail.com>
To: public-xmlsec@w3.org

Dear colleagues,

I still do not understand.  The revised gh-example.xml still contains
<dsig11:ECKeyValue>...</dsig11:ECKeyValue>.

If Encryption 1.1 does not normatively reference Signature 1.1,
conformant implementations are not required to handle this subtree
as specified in Signature 1.1.  Implementations are required
to handle this subtree only when implementors claim conformance
to both Signature  1.1 and Encryption 1.1.  Is this really your
intention?

Regards,
Makoto


2011/9/3  <frederick.hirsch@nokia.com>:
>
>  Dear MURATA Makoto ,
>
> The XML Security Working Group has reviewed the comments you sent [1] on
> the Last Call Working Draft [2] of the XML Security Generic Hybrid Ciphers
> published on 3 Mar 2011. Thank you for having taken the time to review the
> document and to send us comments!
>
> The Working Group's response to your comment is included below.
>
> Please review it carefully and let us know by email at
> public-xmlsec@w3.org if you agree with it or not before 9 September 2011.
> In case of disagreement, you are requested to provide a specific solution
> for or a path to a consensus with the Working Group. If such a consensus
> cannot be achieved, you will be given the opportunity to raise a formal
> objection which will then be reviewed by the Director during the transition
> of this document to the next stage in the W3C Recommendation Track.
>
> Thanks,
>
> For the XML Security Working Group,
> Thomas Roessler
> W3C Staff Contact
>
>  1. http://www.w3.org/mid/CALvn5ED2yczR1jRY3sQRGPgMGDNVosFjJTQwn_19FEzT9WxqQA@mail.gmail.com
>  2. http://www.w3.org/TR/2011/CR-xmlsec-generic-hybrid-20110303/
>
>
> =====
>
> Your comment on 6. Examples This section is non-normative. 6.1 Key
> Transpo...:
>> I have to revisit this issue, since a test document gh-example.xml (in
>> the directory "xml encryption test files")
>> has
>>
>>   <ds:KeyInfo>
>>     <dsig11:ECKeyValue>
>>       <dsig11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
>>       <dsig11:PublicKey>DEADBEEF</dsig11:PublicKey>
>>     </dsig11:ECKeyValue>
>>   </ds:KeyInfo>
>>
>> To validate this ECKeyValue element, we need the schema for Signature 1.1.
>>
>> But this example document might be simply incorrect.  I see other errors
>> such as
>>
>>     Algorithm="http://www.w3.org/2009/xmlenc11#GenericHybridCipher"
>>
>> which is not a valid algorithm identifier.  Is my copy obsolete?
>>
>> Regards,
>> Makoto
>>
>> 2011/8/19 MURATA Makoto <eb2m-mrt@asahi-net.or.jp>:
>> > Agreed.  Thanks.
>> >
>> > Regards,
>> > Makoto
>> >
>> > 2011/8/17  <frederick.hirsch@nokia.com>:
>> >>
>> >>  Dear MURATA Makoto ,
>> >>
>> >> The XML Security Working Group has reviewed the comments you sent [1] on
>> >> the Last Call Working Draft [2] of the XML Encryption Syntax and Processing
>> >> Version 1.1 published on 13 May 2010. Thank you for having taken the time
>> >> to review the document and to send us comments!
>> >>
>> >> The Working Group's response to your comment is included below.
>> >>
>> >> Please review it carefully and let us know by email at
>> >> public-xmlsec@w3.org if you agree with it or not before 22 August 2011. In
>> >> case of disagreement, you are requested to provide a specific solution for
>> >> or a path to a consensus with the Working Group. If such a consensus cannot
>> >> be achieved, you will be given the opportunity to raise a formal objection
>> >> which will then be reviewed by the Director during the transition of this
>> >> document to the next stage in the W3C Recommendation Track.
>> >>
>> >> Thanks,
>> >>
>> >> For the XML Security Working Group,
>> >> Thomas Roessler
>> >> W3C Staff Contact
>> >>
>> >>  1. http://www.w3.org/mid/CALvn5EAQnAT-i4xB0HV+29ta0fp=ijcg77BfofM3o1x44U0jQg@mail.gmail.com
>> >>  2. http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/
>> >>
>> >>
>> >> =====
>> >>
>> >> Your comment on 9.1 XSD Schema XML Encryption Core Schema Instance
>> >> xenc-sc...:
>> >>> xenc-schema-11.xsd does not import xmldsig11-schema.xsd but
>> >>> rather imports xmldsigschema.xsd.  However, XML Encryption 1.1
>> >>> normatively references XML Signature 1.1 rather than 1.0.
>> >>> Which is correct?
>> >>
>> >>
>> >> Working Group Resolution (LC-2544):
>> >> The working group decided to not make any change here as
>> >> xenc-schema-11.xsd does not require any definitions from
>> >> xmldsig-11-schema.xsd. All that is required is ds:DigestMethod from
>> >> xmldsigschema.xsd; so the current inclusion is correct and does not
>> >> include unnecessary material.
>> >>
>> >> Thus the schema import is correct as is the normative reference to XML
>> >> Signature 1.1 (e.g. to pick up normative changes that are not necessarily
>> >> reflected by schema changes)
>> >>
>> >>
>> >> ----
>> >>
>> >>
>> >>
>> >>
>> >
>> >
>> >
>> > --
>> >
>> > Praying for the victims of the Japan Tohoku earthquake
>> >
>> > Makoto
>> >
>
>
> Working Group Resolution (LC-2561):
> File corrected, see
> http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0001.html
>
> Updated file available at
> http://www.w3.org/2008/xmlsec/Drafts/generic-hybrid-ciphers/gh-example.xml
>
> No change was required to the specification itself.
>
> ----
>
>
>



-- 

Praying for the victims of the Japan Tohoku earthquake

Makoto
Received on Saturday, 3 September 2011 03:16:40 GMT
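
Added example, not part of the original message or of the Working Group's files: a short Python check that reports which subtrees of the quoted KeyInfo fragment a validator cannot check when it has no schema loaded for their namespace. Because ds:KeyInfo admits other-namespace children through a lax wildcard, such a subtree passes schema validation without being examined. The function names and the choice of "loaded" namespace sets are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"       # XML Signature 1.0 schema
DSIG11 = "http://www.w3.org/2009/xmldsig11#"    # XML Signature 1.1 schema
XENC = "http://www.w3.org/2001/04/xmlenc#"      # XML Encryption 1.0 schema
XENC11 = "http://www.w3.org/2009/xmlenc11#"     # XML Encryption 1.1 schema

# Constructed sample: the KeyInfo fragment quoted in the thread,
# with namespace declarations added so it parses on its own.
SAMPLE = f"""<ds:KeyInfo xmlns:ds="{DS}" xmlns:dsig11="{DSIG11}">
  <dsig11:ECKeyValue>
    <dsig11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
    <dsig11:PublicKey>DEADBEEF</dsig11:PublicKey>
  </dsig11:ECKeyValue>
</ds:KeyInfo>"""


def split_tag(elem):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    if elem.tag.startswith("{"):
        ns, local = elem.tag[1:].split("}", 1)
        return ns, local
    return "", elem.tag


def uncovered_subtrees(xml_text, loaded_namespaces):
    """Return [(path, namespace)] for the topmost elements whose namespace
    has no schema loaded; everything beneath them goes unvalidated too."""
    found = []

    def walk(elem, path):
        ns, local = split_tag(elem)
        here = f"{path}/{local}"
        if ns not in loaded_namespaces:
            found.append((here, ns))
            return  # do not descend: the whole subtree is unchecked
        for child in elem:
            walk(child, here)

    walk(ET.fromstring(xml_text), "")
    return found


if __name__ == "__main__":
    # Schemas reachable when xenc-schema-11.xsd imports only Signature 1.0.
    print(uncovered_subtrees(SAMPLE, {DS, XENC, XENC11}))
    # Same check once the Signature 1.1 schema is also loaded.
    print(uncovered_subtrees(SAMPLE, {DS, DSIG11, XENC, XENC11}))
```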