W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2012

XML Signature 1.1 items at risk (removal)

From: <Frederick.Hirsch@nokia.com>
Date: Tue, 7 Aug 2012 01:33:47 +0000
To: <public-xmlsec@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <F6E4A17D-97A4-4BB9-8631-3B4B0F8FDEA0@nokia.com>
Here is the list of the items I currently have recorded as being at risk of removal from XML Signature 1.1. Please let me know if anything is missing from the list or if there are additional interop results to record.

These are noted in the "XML Signature 1.1 Interop Test Report" [1] and still need two interop tests:

(1) SHA-224 related algorithms: ECDSA-SHA224, HMAC-SHA224, RSAwithSHA224

(2) KeyInfo X509Data items: OCSPResponse, X509Digest (1 implementation Apache Santuario)

(3) KeyInfo items: DEREncodedKeyValue (1 implementation Apache Santuario), KeyInfoReference (1 implementation Apache Santuario)

(4) HMACOutputLength

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG


[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html
Received on Tuesday, 7 August 2012 01:34:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 7 August 2012 01:34:19 GMT