W3C home > Mailing lists > Public > public-xmlsec@w3.org > September 2012

CfC: remove OCSPResponse from XML SIgnature 1.1; please respond by 18 Sept

From: <Frederick.Hirsch@nokia.com>
Date: Wed, 12 Sep 2012 19:33:13 +0000
To: <public-xmlsec@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <1CB2E0B458B211478C85E11A404A2B270175D70C@008-AM1MPN1-033.mgdnok.nokia.com>
This is a Call for Consensus (CfC) to remove the OCSPResponse element from XML Signature 1.1 [1]. The reason is that we do not seem to have interest in interop testing this element and so should remove it so we can progress XML Signature 1.1 toward REC.

A positive response (+1) is preferred - silence is considered to be agreement.

Please respond by 18 Sept 2012 (before our next call on Tuesday 19 Sept).


regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html

Specifically, we will remove

1. the bullet in section 4.5.4  The X509Data element (and thus the corresponding OCSP reference as well)

  *   The dsig11:OCSPResponse element contains a base64-encoded OCSP response in DER encoding. [OCSP<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#bib-OCSP>].

2. The line in the schema snippet,

      <!-- <element ref="dsig11:OCSPResponse"/> -->

also change the schema snippet line

      <!-- OCSPResponse and X509Digest elements (XMLDsig 1.1) will use the any element -->


      <!-- The X509Digest element (XMLDSig 1.1) will use the any element -->

 also remove the lines

<element name="OCSPResponse" type="base64Binary" />

Also make these changes to XML Signature 2.0, and remove OCSPResponse from the XML Signature 1.1 interop test report
Received on Wednesday, 12 September 2012 19:33:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:18 UTC