comments on algorithms draft from Frederick Hirsch on 2009-02-10 (public-xmlsec@w3.org from February 2009)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Tue, 10 Feb 2009 17:43:55 -0500
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Message-Id: <DF91EA4E-BEDE-4683-A7B7-5B43F0884A8D@nokia.com>
Comments on algorithms draft [1]. I propose we make these changes  
before First Public Working Draft.

(1) 1st  paragraph in section 3
Replace "(again, and octet-stream)" with "(an octet stream that is  
base64 encoded as noted in Section 4.2 of XML SIgnature)"

(2) Section 3.2
Replace "various variants" with "variants"

(3) Section 3.2, RSA-SHA256
remove references to dsig and 2nd edition, not applicable in this case

(4) Section 3.2 RSA-SHA384, RSA-SHA512

For each, add note:
"This algorithm is under consideration as an optional to implement  
algorithm for a future version of XML Signature."

(5) Section 3.2 RSA-RIPEMD160

This algorithm is not mentioned in the XML Signature 1.1 draft. An  
issue?

(6) Section 3.3 ECDSA-SHA224

This algorithm is not mentioned in the XML Signature 1.1 draft. An  
issue?

(7) section 3.3 ECDSAwithSHA384

replace second ECDSAwithSHA384 with ECDSAwithSHA512

(8) section 3.3 ECDSA-SHA1, ECDSAwithSHA384, ECDSAwithSHA512

for each, add note:
"This algorithm is under consideration as an optional to implement  
algorithm for a future version of XML Signature."

(9) Section 3.4 HMAC-SHA256

Add
"This algorithm is under consideration as a recommended to implement  
algorithm for a future version of XML Signature."

(9) Section 3.4 HMAC-SHA384, HMAC-SHA512

For each, add
"This algorithm is under consideration as an optional to implement  
algorithm for a future version of XML Signature."

(10) Section 3.4 HMAC-RIPEMD160

This algorithm is not mentioned in the XML Signature 1.1 draft. An  
issue?

(11) Section 4.2 SHA-224

This algorithm is not mentioned in the XML Signature 1.1 draft. An  
issue?

(12)  Section 4.2 SHA-256

Remove xml signature and 2nd edition references.

(13) Section 4.2 SHA-384, SHA-512

For each, add
"This algorithm is under consideration as an optional to implement  
algorithm for a future version of XML Signature."

(14) 4.3 RIPEMD-160

Add note:
"This algorithm is listed as optional to implement in XML Encryption  
in section 5.7.4.
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RIPEMD-160
"

(15) 5.1 Triple DES (CBC mode)
add section and specific link for section:

Section 5.2.1
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-tripledes-cbc

(16) 5.1 AES-128 (CBC mode)
add section and specific link for section:

Section 5.2.2
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES

(17) 5.1 AES-192 (CBC mode)
add section and specific link for section:

Section 5.2.2
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES

Add note
This algorithm is optional to implement in [XMLENC].


(18) 5.1 AES-256 (CBC mode)
add section and specific link for section:

Section 5.2.2
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-AES

Add note
This algorithm is optional to implement in [XMLENC].

(19) Section 6, RSA-v1.5
add section and specific link for section:

Section 5.4.1
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RSA-1_5

(20) Section 6, RSA-OAEP
add section and specific link for section:

Section 5.4.2
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-RSA-OAEP

Add note
This algorithm is optional to implement in [XMLENC].

(21) Section 7, Diffie Hellman
add section and specific link for section:

Section 5.5.1
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-DHKeyValue

(22) Section 8, CMS Triple-DES Key Wrap
add section and specific link for section:

Section 5.6.2
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-tripledes

(23) Section 8, AES Key Wrap 128
add section and specific link for section:

Section 5.6.3
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes

(24) Section 8, AES Key Wrap 192
add section and specific link for section:

Section 5.6.3
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes

Add note
This algorithm is optional to implement in [XMLENC].

(25) Section 8, ES Key Wrap 256
add section and specific link for section:

Section 5.6.3
link = http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/#sec-kw-aes

regards, Frederick

Frederick Hirsch
Nokia


[1] http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html#sec-ripemd160
Received on Tuesday, 10 February 2009 22:44:46 UTC