Re: ISSUE-48 (DerivedKeyType): No support for derived keys in XML Dsig, XML Enc [Rqmts (XML Signature and Canonicalization V Next Requirements)]

On 2008-08-28 12:09:47 +0000, XML Security Working Group Issue Tracker wrote:

> Neither XML DSig or XML Enc supports the concept of derived keys.
> 
> There are several cases when this lack of support is an issue. For
> example, when encryption or message authentication is based on
> passwords. Another example is when a master key is all that is shared
> between communicating parties and avoidance of using this master key
> for direct protection is desired.
> 
> A separate email will provide an analysis of the use of derived
> keys in some existing WS * specifications, and compare the
> functionality in those specification with an alternative, based
> on a set of requirements.

On an editorial note, it strikes me that it might be useful to have
a section on algorithm and keying requirements in the requirements
and design document, encompassing both Encryption and Signature.

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Thursday, 28 August 2008 14:05:42 UTC