W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2001

xmlenc Call 13:00 EST 20011119

From: Joseph Reagle <reagle@w3.org>
Date: Wed, 14 Nov 2001 22:32:32 -0400
To: "XML Encryption WG " <xml-encryption@w3.org>
Message-Id: <20011115023233.5F9EC18A@policy.w3.org>


Monday, 13:00 EST (1pm) 19-Nov-01.
Call Tobin bridge (+1-617-252-7000)


The Overview URL for this group is at:
Start processing Last Call comments.


     * [6]Should the CarriedKeyName attribute really be a child element?
     * [7]Section 3.5: The ReferenceList Element In the schema
       definition, why not use <choice> rather than <sequence>?
     * [8]Is Canonical XML really a recommended serialization algorith;
       when exactly must one use it?
     * [9]Christian's Comments
     * [10]Rivest's Comments
         1. new combined "encryption+integrity" modes of operation
         2. You have provisions for referring to some elements indirectly
            (e.g. through a URI), but you may need some >way to ensure
            that what you retrieve is what was intended (e.g. through a
            hash of the element to be retrieved). Perhaps this is
            implicitly handled already...
         3. The are of modes of encryption that won't fit your model, but
            which are very useful. For example, "secret-sharing" allows
            encryption of a document into several pieces, or shares, in
            such a way that a requisite number of them are required to
            decrypt/reconstruct the document. Just be sure you don't
            preclude somehow expansion to handle this sort of thing later
         4. I'm very uncomfortable with allowing the encryption algorithm
            to be "understood" between the sender and the recipient; you
            should force the sender to be explicit. Non-explicitness is
            the cause of very many protocol failures.


   (Section 5)
     * [11]Nonce and Key Wrap Algorithm: "It seems to me that with the
       key wrap algorithm specified in section 5.6.2, there is no way a
       nonce can be used, although you may still set up one in the
       corresponding CipherData element by the document."
     * [12]I want it fixed that 168 bit keys are transported in 192 bit
       form, that's all.
     * Cleanup of canonicalization and inclusion of exclusive

Received on Wednesday, 14 November 2001 21:32:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:02 UTC