New errata reported for RFC 6931, "Additional XML Security Uniform Resource Identifiers (URIs)" from frederick.hirsch@nokia.com on 2014-06-03 (public-xmlsec@w3.org from June 2014)

From: <frederick.hirsch@nokia.com>
Date: Tue, 3 Jun 2014 21:33:43 +0000
To: <public-xmlsec@w3.org>
CC: <frederick.hirsch@nokia.com>, <d3e3e3@gmail.com>
Message-ID: <F6DC9C60-A6F4-4956-9E98-71C56AC3D23D@nokia.com>

I have submitted an errata to item to RFC 6931,"Additional XML Security Uniform Resource Identifiers (URIs)", April 2013

The errata number is 4004 and it is available here: http://www.rfc-editor.org/errata_search.php?rfc=6931&eid=4004

>From the errata item:

[[

Reported By: Frederick Hirsch
Date Reported: 2014-05-29

-----
Section 2.3.11 says:

2.3.11.  RSA-SHA224

Identifier:
     http://www.w3.org/2007/05/xmldsig-more#rsa-sha224

  This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described
  in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator
  prefix.  An example of use is

  <SignatureMethod
     Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-sha224" />

  Because it takes about the same effort to calculate a SHA-224 message
  digest as it does a SHA-256 message digest, it is suggested that
  RSA-SHA256 be used in preference to RSA-SHA224 where possible.

-----
It should say:

2.3.11.  RSA-SHA224

Identifier:
     http://www.w3.org/2001/04/xmldsig-more#rsa-sha224

  This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described
  in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator
  prefix.  An example of use is

  <SignatureMethod
     Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" />

  Because it takes about the same effort to calculate a SHA-224 message
  digest as it does a SHA-256 message digest, it is suggested that
  RSA-SHA256 be used in preference to RSA-SHA224 where possible.

-----
Notes:

RFC 6931 should be corrected to use the same identifier for RSA-SHA224 as is used in the W3C Recommendation "XML Signature Syntax and Processing Version 1.1? normative section 6.4.2 ( http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/#sec-PKCS1 ). 

This same identifier is also specified in the W3C Note "XML Security Algorithm Cross-Reference? section 3.2 ( http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130411/#RSA )

At least two shipping code implementations use this value from the W3C Recommendation ; to enable interoperability, avoid confusion and be consistent with the published Recommendation RFC 6931 should be updated to be consistent.

Please note that the revision affects both the identifier URL and the Algorithm attribute value in the 2.3.11 section which is why the entire section is given in the Original and Corrected text above.

]]

Don, do you have any comment or indication when the RFC might be updated?

Thanks, especially to Scott for bringing this to my attention. 

regards, Frederick

Frederick Hirsch, Nokia
Chair XMLSec WG
@fjhirsch

Received on Tuesday, 3 June 2014 21:34:14 UTC