Re: Updated "XML Security Algorithm Cross-Reference" editors draft from Frederick.Hirsch@nokia.com on 2012-08-17 (public-xmlsec@w3.org from August 2012)

From: <Frederick.Hirsch@nokia.com>
Date: Fri, 17 Aug 2012 23:22:11 +0000
To: <Frederick.Hirsch@nokia.com>
CC: <public-xmlsec@w3.org>
Message-ID: <42B8351E-B2EB-4B15-AEFE-37864D66F533@nokia.com>
fixed  "a a"  and "ar listed"

regards, Frederick

Frederick Hirsch
Nokia



On Aug 17, 2012, at 7:13 PM, Hirsch Frederick (Nokia-CIC/Boston) wrote:

> I have updated the "XML Security Algorithm Cross-Reference" editors draft, please review
> 
> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.src.html
> 
> Changes as follows:
> 
> (1) Updated introduction to note that document applies to XMLDSIG-CORE1 and XMLENC-CORE1 unless otherwise noted - removed notes about optional algorithms in body of document to correspond with statement in introduction that optional is the default. 
> 
> (2) Added SHA-224, HMAC-SHA224;
> 
> (3) Updated all forward looking statements of the form 'under consideration' to factual statements about 1.1, namely: discourage use of SHA-1;
> mandatory RSA-SHA256, ECDSA-SHA256, HMAC-SHA256, SHA-256, Elliptic Key Diffie-Hellman Key Agreement (Ephemeral-Static Mode), 
> 
> (4) Updated section 3.3  on the RSA Signature algorithm to replace
> 
> "A container for key material, dsigmore:ECDSAKeyValue, is defined in section 3.4.1 of [RFC4050]. "
> 
> with 
> 
> "A container for key material,the ECKeyValue element, is defined in [XMLDSIG-CORE1] in section 4.5.2.3."
> 
> Also removed " No ds:RetrievalMethod type URI is defined for  this  container."
> 
> Also removed "Work is under way to revise this container format. See section 4.5.2.3, for description of ECKeyValue element defined in [XMLDSIG-CORE1]."
> 
> (5) In section 4.2, SHA Variants, replaced
> 
> "Given recent cryptographic research, however, it is expected that use of this algorithm (and signature algorithms that are based upon it) will be discouraged in forthcoming versions of XML Signature."
> 
> with
> 
> "Use of SHA-1 is discouraged in [[XMLDSIG-CORE1]] and [[XMLENC-CORE1]] both of which mandate SHA-256 as mandatory to implement and offer a  a number of other optional SHA algorithms."
> 
> (6) In section 14, Retrieval method type identifiers, replaced 
> 
> "Note: ds:RetrievalMethod may be deprecated in future versions of XML Signature, and is rarely used in practice."
> 
> with
> 
> "Note: The KeyInfoReference element introduced in [[XMLDSIG-CORE1]] is preferred over use of RetrievalMethod as it avoids use of Transform child elements that  introduce security risk and implementation challenges."
> 
> (7) Section 3.1 DSA changed
> 
> "Implementation of this algorithm is required in both [XMLDSIG-CORE2002] and [XMLDSIG-CORE] . We anticipate that future versions of XML Signature will include make this algorithm mandatory to implement for signature verification only, and optional to implement for signature generation. Use of this algorithm is discouraged."
> 
> to
> 
> "Implementation of this algorithm is required in [XMLDSIG-CORE2002], and [XMLDSIG-CORE]. It is mandatory to implement in [XMLDSIG-CORE1] for signature verification but support for signature generation is optional. [XMLDSIG-CORE1] requires verification support for 1024 bit key signatures, however noting that 1024 bit keys should not be used for signatures that will be verified beyond 2010."
> 
> (8) Added to RSA-MD5 in section 3.2:
> 
> "It is not listed as an algorithm in [XMLDSIG-CORE1]."
> 
> (9) Add the following for RSA-RIPEMD 160 in section 3.2:
> 
> "This algorithm is listed for the sake of completeness but does not have an [XMLDSIG-CORE1] implementation requirement."
> 
> (10) Change HMAC-SHA1 in section 3.4 from
> 
> "This algorithm is used as the default MAC algorithm in [XKMS2] . 
> It is mandatory to implement in XML Signature [XMLDSIG-CORE2002] , [XMLDSIG-CORE] ."
> 
> to
> 
> "This algorithm is used as the default MAC algorithm in [XKMS2] . 
> It is mandatory to implement in XML Signature [XMLDSIG-CORE2002], [XMLDSIG-CORE], [XMLDSIG-CORE1]. 
> Use of this algorithm for signature generation is discouraged [XMLDSIG-CORE1] due to the weaknesses of SHA-1."
> 
> (11) Add the following for HMAC-SHA384 and HMAC-SHA512 in section 3.4:
> 
> "Implementation of this algorithm is recommended in [XMLDSIG-CORE1]."
> 
> 12) Add for HMAC-RIPEMD160 in 3.4:
> 
> "This algorithm is listed for the sake of completeness but does not have an [XMLDSIG-CORE1] implementation requirement."
> 
> 13) added to start of 5.3, Camallia, also section 9.3 Camellia Key Wrap:
> 
> "These algorithms are not in the [XMLDSIG-CORE1] or [XMLENC-CORE1] implementation requirements but ar listed for completeness."
> 
> 14) add to "RSA-OAEP (including MGF1 with SHA1 mask generation function)" in section 6.2:
> 
> "This algorithm is mandatory to implement in [XMLENC-CORE]."
> 
> 15) Add to section 7.1 ConcatKDF:
> 
> "This algorithm is mandatory to implement in [XMLENC-CORE]."
> 
> 16) Add for C14N1.0 with comments, C14N 1.1 with comments, section 11.1;  Exclusive C14N 1.0 (omit Comments) section 11.2:
> 
> "Implementation of this algorithm is recommended in   [[XMLDSIG-CORE1]]."
> 
> 17) Add for "XPath Filtering" and "XML-SIgnature XPath Filter 2.0" in section 13:
> 
> "Implementation of this algorithm is recommended in [XMLDSIG-CORE1]."
> 
> Please review and note any additional needed corrections or additions on the list.
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
>
Received on Friday, 17 August 2012 23:22:43 UTC