- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Tue, 6 Apr 2010 19:42:00 -0400
- To: ext Satoru Kanno <kanno.satoru@po.ntts.co.jp>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, public-xmlsec-comments@w3.org, kanda.masayuki@lab.ntt.co.jp, XMLSec WG Public List <public-xmlsec@w3.org>
Satoru The XML Security WG discussed your original request to add the Camelia cipher to XML Encryption 1.1 on 16 June 2009 [1] after you raised it last year [2]. At that time the Working Group (WG) decided not to add this additional algorithm to the XML Encryption 1.1 specification, but to include it in the XML Security Algorithms Cross Reference [3]. We documented the decision to add it to the cross- reference but did not formally make a resolution to not add it to XML Encryption 1.1 At the 30 March 2010 teleconference the WG re-affirmed its previous decision and made a formal resolution not to add Camelia to XML Encryption 1.1, to document the decision for the record [4]. The reason the WG decided not to include this algorithm in the XML Encryption 1.1 specification itself has not changed. The rationale is that the XML Encryption 1.1 specification itself should include a minimum set of algorithm definitions and rely on extension points to allow additional algorithms. There are two reasons for this. First, algorithms included in the specification should have wide implementation support as evidenced by interop testing performed during the development of the specification, and adding additional algorithms has a WG cost in terms of formally testing interoperability. Secondly, including additional algorithms imposes additional costs and requirements on developers. However, since XML Encryption 1.1 is extensible, adoption of Camelia is possible with it. To enable this and facilitate the discovery of information about algorithms the WG has created the XML Security Algorithms Cross Reference and has included Camelia in it. Unless we have new arguments for adding this algorithm suite to the XML Encryption 1.1 we shall consider this issue closed (ISSUE-195 and ISSUE-134). Thank you. regards, Frederick Frederick Hirsch, Nokia Chair XML Security WG [1] http://www.w3.org/2009/06/16-xmlsec-minutes.html#item09 [2] ISSUE-134 , http://www.w3.org/2008/xmlsec/track/issues/134 [3] http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100316/ [4] http://www.w3.org/2010/03/30-xmlsec-minutes.html On Mar 18, 2010, at 12:20 AM, ext Satoru Kanno wrote: > Hi, Folks > > We have a comment for the latest Working Draft of Encryption 1.1. > > We strongly think that the Camellia cipher should be adopted > by not only Cross-Reference but also XML Encryption 1.1. > Because the Camellia cipher is described in RFC4051, which is Standard > track RFC. > > Does this have any problems? > > Of course, current Cross-Reference document already includes the > Camellia cipher. > > For your information, Camellia has been already adopted in TLS, > IPsec, S/MIME, OpenPGPG, Kerberos (plans), and other standards. > In addition, as open source software, Camellia is loaded to OpenSSL, > Firefox, Linux, FreeBSD, MIT Kerberos KRB5 (scheduled), and so on. > For more information on Camellia cipher, please see at; > http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html > > Best regards, > > -- > Satoru Kanno > > Security Business Unit > Mobile and Security Solution Business Group > NTT Software Corporation > > e-mail: kanno.satoru@po.ntts.co.jp > > >
Received on Tuesday, 6 April 2010 23:42:59 UTC