W3C home > Mailing lists > Public > public-xmlsec@w3.org > May 2012

Re: Call for Consensus on proposed XML Signature 1.1 and XML Encryption 1.1 interop test report updates

From: <Frederick.Hirsch@nokia.com>
Date: Wed, 9 May 2012 20:44:43 +0000
To: <Frederick.Hirsch@nokia.com>
CC: <public-xmlsec@w3.org>
Message-ID: <8EA82AF7-F862-4FE4-9D7C-A7284D9F6E19@nokia.com>
In addition, I propose the following item be removed from the XML Signature 1.1 Interop Test Report (in section 5, http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html#sec-KeyInfoChanges )

	 required support of KeyValue formats for DSA, RSA (required now, no longer recommended), and ECDSA


Rationale is that ECDSA KeyValue is tested and noted in section 2 on Elliptic Curve and DSA and RSA were present prior to XML Signature 1.1 and thus had interop testing (despite change of Required and Recommended)


regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG



On May 9, 2012, at 3:27 PM, Hirsch Frederick (Nokia-CIC/Boston) wrote:

> Reviewing the draft XML Signature 1.1 and XML Encryption 1.1  interop test reports for open testing items I propose the resolution of the following: (see [1], [2])
> 
> 1. XML Signature 1.1 "X509Data: Add that the recommended certificate encoding is BER or DER subset." 
> 
> not testable and out of scope for interop - remove from interop test report document
> 
> 2. XML Signature 1.1 "Added exclusive canonicalization with comments as required algorithm"
> 
> No need to test - tested as part of bringing Exclusive Canonicalization to Recommendation, http://www.w3.org/Signature/2002/02/01-exc-c14n-interop.html
> 
> However, also tested as part of Elliptic Curve testing noted in section 2 of interop test report  document, so this can be marked as done. 
> 
> 3. XML Signature 1.1 "Added exclusive canonicalization without comments as recommended algorithm"
> 
> No need to test - tested as part of bringing "Exclusive XML Canonicalization Version 1.0"  to Recommendation, http://www.w3.org/Signature/2002/02/01-exc-c14n-interop.html
> 
> 4. XML Signature 1.1 "Add XPath Filter 2.0 as recommended transform algorithm"
> 
> No need to test - tested as part of bringing "XML-Signature XPath Filter 2.0"  to Recommendation,  http://www.w3.org/Signature/2002/05/xmldsig-filter2-interop.html
> 
> 5. XML Encryption 1.1 Add Canonical XML 1.1 (omit comments) as optional, Add Canonical XML 1.1 with comments as optional
> 
> No need to test - tested as part of bringing "Canonical XML Version 1.1"  to Recommendation,  http://www.w3.org/2007/xmlsec/interop/xmldsig/c14n11/report.html
> 
> 6. XML Encryption 1.1 
> 
> Clarifications do not require testing (see section 9 of  "XML Encryption 1.1 Interop Test Report"). Propose to remove this section of the report.
> 
> For items that do not need testing because they have been tested as part of another Recommendation, I will add a note to that effect to the interop test report.
> 
> This is a call for consensus on the above conclusions and actions, which means we will agree to these changes unless concern is expressed on the list. Silence means agreement, though a +1 to the conclusions is preferred. Please respond before our next call, 19th June.
> 
> Once agreed I'll edit the "XML Signature 1.1 Interop Test Report"  and XML Encryption 1.1 Interop Test Report" accordingly.
> 
> Thanks
> 
> regards, Frederick
> 
> Frederick Hirsch, Nokia
> Chair XML Security WG
> 
> [1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html
> 
> [2] http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/Overview.src.html
Received on Wednesday, 9 May 2012 20:45:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 20:45:17 GMT