Fwd: Comment requested on removing DTD definitions from XML Signature 1.1 and on elliptic curve

fyi

regards, Frederick

Frederick Hirsch
Nokia



Begin forwarded message:

> From: Frederick Hirsch <frederick.hirsch@nokia.com>
> Date: April 24, 2009 4:21:26 PM EDT
> To: OASIS WS-SX <ws-sx@lists.oasis-open.org>
> Cc: "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>
> Subject: Comment requested on removing DTD definitions from XML  
> Signature 1.1 and on elliptic curve
>
> (1) The W3C XML Security working group is considering removing DTD
> definitions from XML Signature 1.1 and XML Encryption 1.1 and only
> providing XML Schema definitions in these specifications [1].
>
> If this is a concern please indicate the concerns and rationale on the
> XML Security WG comment list at public-xmlsec-comments @ w3.org. This
> list is publicly archived at http://lists.w3.org/Archives/Public/public-xmlsec-comments/s/
>
> (2) The XML Security WG would also like to refine the question about
> the  suitability of elliptic curve as a mandatory to implement
> algorithm for XML Signature 1.1 by highlighting that the scope of
> elliptic  curve is greatly limited in what is proposed to be mandatory
> in XML  Signature 1.1. The specific  curve being used in an instance
> of ECDSA is important and there are a  few sets of well-known
> ("named") curves that have been standardized.  The P-256, P-384 and
> P-521 curves are three of the five NIST-defined  prime curves.
>
> Since the publication of the First Public Working Draft of XML
> Signature 1.1, the following clarifying text was added by the XML
> Security WG to  the end of section 6.4.3 of XML Signature 1.1 [2]:
>
> "This specification REQUIRES implementations to support the
> ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256
> prime curve specified in Section D.2.3 of FIPS 186-3 [FIPS186-3] (and
> using the SHA-256 hash algorithm). It is further RECOMMENDED that
> implementations also support ECDSA over the P-384 and P-521 prime
> curves; these curves are defined in Sections D.2.4 and D.2.5 of FIPS
> 186-3, respectively."
>
> It is important to realize that by reducing the scope of the
> requirement to a specific curve that this should simplify evaluation
> of whether it is desirable to make this mandatory to implement.
>
> The XML Security WG would also like to note the importance of this
> algorithm to US Government customers, as evidenced by their adoption
> of Suite B [3]. This is reflected in the XML Security WG Use Cases
> and  Requirements document in section 3.5.2.3 [4].
>
> If you have feedback on the suitability of the mandatory to implement
> requirement for ECDSAwithSHA256 algorithm, please indicate on the
> public comment list. (1) The W3C XML Security working group is
> considering removing DTD definitions from XML Signature 1.1 and XML
> Encryption 1.1 and only providing XML Schema definitions in these
> specifications [1].
>
> If this is a concern please indicate the concerns and rationale on the
> XML Security WG comment list at public-xmlsec-comments @ w3.org. This
> list is publicly archived at http://lists.w3.org/Archives/Public/public-xmlsec-comments/
>
> (2) The XML Security WG would also like to refine the question about
> the  suitability of elliptic curve as a mandatory to implement
> algorithm for XML Signature 1.1 by highlighting that the scope of
> elliptic  curve is greatly limited in what is proposed to be mandatory
> in XML  Signature 1.1. The specific  curve being used in an instance
> of ECDSA is important and there are a  few sets of well-known
> ("named") curves that have been standardized.  The P-256, P-384 and
> P-521 curves are three of the five NIST-defined  prime curves.
>
> Since the publication of the First Public Working Draft of XML
> Signature 1.1, the following clarifying text was added by the XML
> Security WG to  the end of section 6.4.3 of XML Signature 1.1 [2]:
>
> "This specification REQUIRES implementations to support the
> ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256
> prime curve specified in Section D.2.3 of FIPS 186-3 [FIPS186-3] (and
> using the SHA-256 hash algorithm). It is further RECOMMENDED that
> implementations also support ECDSA over the P-384 and P-521 prime
> curves; these curves are defined in Sections D.2.4 and D.2.5 of FIPS
> 186-3, respectively."
>
> It is important to realize that by reducing the scope of the
> requirement to a specific curve that this should simplify evaluation
> of whether it is desirable to make this mandatory to implement.
>
> The XML Security WG would also like to note the importance of this
> algorithm to US Government customers, as evidenced by their adoption
> of Suite B [3]. This is reflected in the XML Security WG Use Cases
> and  Requirements document in section 3.5.2.3 [4].
>
> If you have feedback on the suitability of the mandatory to implement
> requirement for ECDSAwithSHA256 algorithm, please indicate on the
> public comment list. A similar question applies to ECDH-ES mandatory
> for XML Encryption 1.1.
>
> (3) if you have any comment on any of the documents recently published
> by the XML Security WG [1] we would appreciate feedback on the public
> comments list.
>
> Thank you
>
> regards, Frederick
>
> Frederick Hirsch, Nokia
> Chair XML Security WG
>
>
>
> (3) if you have any comment on any of the documents recently published
> by the XML Security WG [1] we would appreciate feedback on the public
> comments list.
>
> Thank you
>
> regards, Frederick
>
> Frederick Hirsch, Nokia
> Chair XML Security WG
>
> [1] http://www.w3.org/2008/xmlsec/wiki/RoadmapandPublicationStatus
>
> [2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm
>
> [3] Fact Sheet NSA Suite B Cryptography, http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
>
> [4] http://www.w3.org/TR/2009/WD-xmlsec-reqs-20090226/#algorithm- 
> suiteb
>

Received on Friday, 24 April 2009 20:25:17 UTC