key encapsulation draft comments

Some initial comments on key encapsulation draft at http://www.w3.org/2008/xmlsec/Drafts/key-encapsulation/key-encapsulation.html

Substantive

(1) I assume that the entire specification can be optional, so MUSTs  
only apply when adherence to the specification is claimed.

(2) I'm not sure why Key Transport is listed in 4.1 and suggest this
be removed since no URI is being defined here. Use for Key Transport
should be clear from use of EncryptedKey element, isn't that right?
Likewise I'm not sure why we have section 4.4.1.

(3) The draft mentions "tight security proofs" but don't all modern  
security algorithms have definitions, assumptions and proofs? What is  
special in this case? (I think what is meant here is that the
"definition" provides security for a combination of key encapsulation  
combined with subsequent encryption, thus addressing in a stronger way  
a requirement for that combination, and having a corresponding  
proof).  We might want a more explicit statement and/or reference to  
the proofs (actually that is in section 6, so maybe link to that  
section).

(4) Is there another reference than ISO/IEC 18033-2 which requires a  
fee? This makes the material hard to review.

Editorial

(1) Abstract, in "Generic hybrid ciphers allows for a consistent  
treatment of asymmetric ciphers when encrypting data and consists of a  
key encapsulation " change "allows" to "allow" and "consists" to  
"consist" to match plural

(2) Abstract, change "XML security" to "XML Security"

(3) Section 3, in "Generic hybrid ciphers allows" change "allows" to  
"allow"

(4) The reference for ISO18033-2 does not lead to the document but  
rather the entire ISO site.

(5) In 4.3.2 link ISO/IEC 18033-2 seems to be broken:
http://www.w3.org/2008/xmlsec/Drafts/key-encapsulation/key-encapsulation.html#ref-ISO18033-2

regards, Frederick

Frederick Hirsch
Nokia

Received on Monday, 22 June 2009 13:32:35 UTC