Re: ISSUE-157 on Signature 1.1 Section 4.10, proposal, proposal, please review

How about replacing section 4.10 with a new section "Key Agreement and Derived Keys", roughly like this:

> Use of the MgmtData element is deprecated.
> 
> The <xenc:EncryptedKey> and <xenc:Agreement> elements defined in [ENC11] as children of ds:KeyInfo can be used to convey in-band key agreement information, or encrypted key material.

--
Thomas Roessler, W3C  <tlr@w3.org>

On 5 Dec 2009, at 02:14, Frederick Hirsch wrote:

> new issue, ISSUE-157
> 
> section 4.10 The MgmtData Element
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-MgmtData
> 
> refers to non-existent XML Encryption WG with a placeholder.
> 
> [[ The MgmtData element within KeyInfo is a string value used to convey in-band key distribution or agreement data. For example, DH key exchange, RSA key encryption, etc. Use of this element is NOT RECOMMENDED. It provides a syntactic hook where in-band key distribution or agreement data can be placed. However, superior interoperable child elements of KeyInfo for the transmission of encrypted keys and for key agreement are being specified by the W3C XML Encryption Working Group and they should be used instead of MgmtData. ]]
> 
> Maybe it is time we changed this :)
> 
> How about
> 
> [[ The MgmtData element within KeyInfo is a string value used to convey in-band key distribution or agreement data. Use of this element is NOT RECOMMENDED.
> Key Transport algorithms conveyed as part of the ds:KeyInfo/xenc:EncryptedKey element, as defined in the XML Encryption 1.1 section on Key Transport, are to be used instead. ]]
> 
> Can we deprecate the element in this 1.1 release? Does the proposal make sense or did I misinterpret this?
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 

Received on Monday, 7 December 2009 14:47:40 UTC
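An added example, not part of this thread or of the W3C drafts: a small Python audit that flags the deprecated ds:MgmtData element inside a signature's ds:KeyInfo and reports whether one of the XML Encryption replacements (xenc:EncryptedKey for key transport, or xenc:AgreementMethod, the element name XML Encryption uses for key agreement) is present instead. Both signature fragments below are constructed for the example; the key material in them is placeholder text.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XENC = "http://www.w3.org/2001/04/xmlenc#"

# Elements XML Encryption defines as KeyInfo children for key transport and
# key agreement; these replace the opaque string carried by ds:MgmtData.
ENCRYPTED_KEY = f"{{{XENC}}}EncryptedKey"
AGREEMENT_METHOD = f"{{{XENC}}}AgreementMethod"
MGMT_DATA = f"{{{DS}}}MgmtData"

# Constructed sample: legacy KeyInfo carrying key-agreement data in MgmtData.
LEGACY = f"""<ds:Signature xmlns:ds="{DS}">
  <ds:SignedInfo/>
  <ds:SignatureValue>c2ln</ds:SignatureValue>
  <ds:KeyInfo>
    <ds:KeyName>example-key</ds:KeyName>
    <ds:MgmtData>DH: p=..., g=..., y=...</ds:MgmtData>
  </ds:KeyInfo>
</ds:Signature>"""

# Constructed sample: the same key conveyed as an xenc:EncryptedKey instead.
MODERN = f"""<ds:Signature xmlns:ds="{DS}" xmlns:xenc="{XENC}">
  <ds:SignedInfo/>
  <ds:SignatureValue>c2ln</ds:SignatureValue>
  <ds:KeyInfo>
    <xenc:EncryptedKey>
      <xenc:EncryptionMethod Algorithm="{XENC}rsa-oaep-mgf1p"/>
      <xenc:CipherData><xenc:CipherValue>ZW5j</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedKey>
  </ds:KeyInfo>
</ds:Signature>"""


def audit_keyinfo(xml_text):
    """Return one finding per ds:KeyInfo: which key-conveyance elements it uses."""
    root = ET.fromstring(xml_text)
    findings = []
    for keyinfo in root.iter(f"{{{DS}}}KeyInfo"):
        tags = [child.tag for child in keyinfo]
        findings.append({
            "deprecated_mgmt_data": MGMT_DATA in tags,
            "encrypted_key": ENCRYPTED_KEY in tags,
            "agreement_method": AGREEMENT_METHOD in tags,
            # MgmtData with neither replacement element is the case to migrate.
            "needs_migration": MGMT_DATA in tags
                and not ({ENCRYPTED_KEY, AGREEMENT_METHOD} & set(tags)),
        })
    return findings
```

Running `audit_keyinfo` over a corpus of stored signatures gives a quick inventory of documents still relying on the deprecated element before a profile that forbids it is enforced.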