Revisit MTI Key Agreement Algorithms in XML Encryption (ISSUE-103)

During discussion on the call today, Magnus noted that we have a bit  
of a mess in the forthcoming FPWD for XML Encryption:

- Two key agreement algorithms are defined, Diffie-Hellman and EC D-H.
DH is optional (as it has always been), EC D-H is mandatory to
implement.

- However, there is no mandatory to implement curve for EC D-H.

The result is that (a) our *only* mandatory to implement algorithm is  
currently ECDH, (b) that still doesn't give us interoperability since  
we don't have an agreed curve, (c) the entire feature (which was  
optional before) now turns mandatory to implement.

I'm curious whether anybody here recalls why DH wasn't made mandatory  
in the original version of XML Encryption, and also wonder whether we  
shouldn't really have both key agreement algorithms as REQUIRED if  
ECDH is.

Thoughts?
--
Thomas Roessler, W3C  <tlr@w3.org>

Received on Tuesday, 24 February 2009 20:40:55 UTC