XML Signature 1.1 items at risk (removal)

Here is the list of the items I currently have recorded as being at risk of removal from XML Signature 1.1. Please let me know if anything is missing from the list or if there are additional interop results to record.

These are noted in the "XML Signature 1.1 Interop Test Report" [1] and still need two interop tests:

(1) SHA-224 related algorithms: ECDSA-SHA224, HMAC-SHA224, RSAwithSHA224

(2) KeyInfo X509Data items: OCSPResponse, X509Digest (1 implementation Apache Santuario)

(3) KeyInfo items: DEREncodedKeyValue (1 implementation Apache Santuario), KeyInfoReference (1 implementation Apache Santuario)

(4) HMACOutputLength

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG


[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html

Received on Tuesday, 7 August 2012 01:34:18 UTC