W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2002

Re: First Stab at XML Encryption Interop Matrix

From: Jiandong Guo <jguo@phaos.com>
Date: Fri, 15 Feb 2002 13:00:45 -0500
Message-ID: <3C6D4CCC.1E95C9BC@phaos.com>
To: reagle@w3.org
CC: xml-encryption@w3.org, arik@phaos.com, vamsi@phaos.com
Hi Joseph,

Attached is a .zip file contains the XML Encryption test vectors produced from
Phaos XML toolkit.
In creating them, we considered  the possible combinations of data encryption
algorithms and
key encryption algorithms. Any comments and suggestions are welcome.

Jiandong Guo
Phaos Technology

Joseph Reagle wrote:

> The matrix is now available at [1]. While I was creating it, I was also
> doing some minor tweaks to the spec to make things more clear with respect
> to conformance. Some of these things need some test-vectors. For instance,
> is anyone ready to exchange actual examples for encryption/decryption? Any
> volunteers to provide some test vectors? Other optional features (such as
> ReferenceList) don't have an interop test but we still need reports as to
> whether those features are supported -- otherwise we will drop them.
>
> Examples of tweaks to the spec include section 3.2.1 (CipherReference)
> which now has some text [2] on conformance. I also did some tweaking to the
> processing rules. I broke some text off in the Encryption rules and
> included it as a 3.4. Also, I wonder if my tweaks to Decryption/3/4 is in
> keeping with everyone else's understanding [3]? (Before, it just said if it
> was a KeyValue, is it correct to limit it to the decrypted text of
> EncryptedKeys?)
>
> Also, I don't include some of the MUSTs of the crypto algorithms since
> they are so straightforward. For example, in DH Key Agreement, "The size of
> p MUST be at least 512 bits and g at least 160 bits."
>
> Finally, since xmldsig is a SHOULD, I also include the Decryption Transform
> as a SHOULD.
>
> [1] http://www.w3.org/Encryption/2002/02-xenc-interop.html
> [2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
> $Revision: 1.133 $ on $Date: 2002/02/12 20:19:11 $ GMT by $Author: reagle $
> [3] "If the CipherData is a child of EncryptedKey, the cleartext octet
> sequence represents a key value and is used in decrypting other
> EncryptedType element(s). The decryptor MUST support passing this key value
> and Type (if any) to the application for subsequent processing. If it
> represents data then processing as described below is required. [Are my
> tweaks correct? -JR]"
> --
>
> Joseph Reagle Jr.                http://www.w3.org/People/Reagle/
> W3C Policy Analyst               mailto:reagle@w3.org
> IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
> W3C XML Encryption Chair         http://www.w3.org/Encryption/2001/


Received on Friday, 15 February 2002 12:53:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:20 GMT