RE: [security-services] Comment requested on removing DTD definitions from XML Signature 1.1 and on elliptic curve

Regarding item #2, one topic I would propose discussing is that of the possible intellectual property issues surrounding ECC patents.

The NSA's info in [3] indicates that they have licensed the rights to 26 related patents, and are willing to re-license them to vendors building products for national security use. My concern is that vendors may be unwilling or unable to enter into IP licensing agreements with NSA and/or not planning to use XML-DSIG in national security related products.

I'm not convinced it's appropriate to make an algorithm mandatory to implement, under those circumstances, in the specification for a general-purpose standard of broad applicability. It seems to me that ECDSA should probably be optional in XML-DSIG, and NIST or NSA should propose a profile of the spec for US Government security/intelligence community applications that they can make mandatory for procurement in the relevant agencies.

Regards,
Ari Kermaier

> -----Original Message-----
> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
> Sent: Friday, April 24, 2009 4:21 PM
> To: OASIS SSTC
> Cc: Frederick Hirsch
> Subject: [security-services] Comment requested on removing DTD
> definitions from XML Signature 1.1 and on elliptic curve
> 
> 
> (1) The W3C XML Security working group is considering removing DTD
> definitions from XML Signature 1.1 and XML Encryption 1.1 and only
> providing XML Schema definitions in these specifications [1].
> 
> If this is a concern please indicate the concerns and rationale on the
> XML Security WG comment list at public-xmlsec-comments @ w3.org. This
> list is publicly archived at
> http://lists.w3.org/Archives/Public/public-xmlsec-comments/
> 
> (2) The XML Security WG would also like to refine the question about
> the suitability of elliptic curve as a mandatory to implement
> algorithm for XML Signature 1.1 by highlighting that the scope of
> elliptic curve is greatly limited in what is proposed to be mandatory
> in XML Signature 1.1. The specific curve being used in an instance
> of ECDSA is important and there are a few sets of well-known
> ("named") curves that have been standardized. The P-256, P-384 and
> P-521 curves are three of the five NIST-defined prime curves.
> 
> Since the publication of the First Public Working Draft of XML
> Signature 1.1, the following clarifying text was added by the XML
> Security WG to the end of section 6.4.3 of XML Signature 1.1 [2]:
> 
> "This specification REQUIRES implementations to support the
> ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256
> prime curve specified in Section D.2.3 of FIPS 186-3 [FIPS186-3] (and
> using the SHA-256 hash algorithm). It is further RECOMMENDED that
> implementations also support ECDSA over the P-384 and P-521 prime
> curves; these curves are defined in Sections D.2.4 and D.2.5 of FIPS
> 186-3, respectively."
> 
> It is important to realize that by reducing the scope of the
> requirement to a specific curve that this should simplify evaluation
> of whether it is desirable to make this mandatory to implement.
> 
> The XML Security WG would also like to note the importance of this
> algorithm to US Government customers, as evidenced by their adoption
> of Suite B [3]. This is reflected in the XML Security WG Use Cases
> and Requirements document in section 3.5.2.3 [4].
> 
> If you have feedback on the suitability of the mandatory to implement
> requirement for ECDSAwithSHA256 algorithm, please indicate on the
> public comment list. A similar question applies to ECDH-ES mandatory
> for XML Encryption 1.1.
> 
> (3) If you have any comment on any of the documents recently published
> by the XML Security WG [1] we would appreciate feedback on the public
> comments list.
> 
> Thank you
> 
> regards, Frederick
> 
> Frederick Hirsch, Nokia
> Chair XML Security WG
> 
> [1] http://www.w3.org/2008/xmlsec/wiki/RoadmapandPublicationStatus
> 
> [2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm
> 
> [3] Fact Sheet NSA Suite B Cryptography,
> http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
> 
> [4] http://www.w3.org/TR/2009/WD-xmlsec-reqs-20090226/#algorithm-suiteb



Received on Wednesday, 6 May 2009 07:46:06 UTC