- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Thu, 08 Apr 2010 11:28:05 +0200
- To: Satoru Kanno <kanno.satoru@po.ntts.co.jp>
- CC: Frederick Hirsch <frederick.hirsch@nokia.com>, public-xmlsec-comments@w3.org, kanda.masayuki@lab.ntt.co.jp, XMLSec WG Public List <public-xmlsec@w3.org>

I strongly support the idea of a limited set of MANDATORY algorithms but
I would not feel too awkward about having an appendix with (non-normative)
extension objects that could contain Camellia.

It is not perfect but it is at least better than nothing and for
an implementer it gives about the same results :-)
(I'm an implementer...)

Anders
http://webpki.org/auth-token-4-the-cloud.html

Satoru Kanno wrote:
> Dear Frederick,
>
> We strongly appreciated your discussing again for Camellia cipher.
> Although we can understand your resolution, we greatly expected to add
> Camellia cipher to XML Encryption 1.1 because there are XML encryption
> products loading Camellia, e.g., XSECT Library of IAIK-Java.
>
> Anyway, we wish Camellia to be implemented in XML Encryption library
> as well as AES.
> If so in the future, we hope to discuss the adoption of Camellia into
> XML Encryption again.
>
> Best regards,
> Satoru
>
>
> (2010/04/07 8:42), Frederick Hirsch wrote:
>> Satoru
>>
>> The XML Security WG discussed your original request to add the Camellia
>> cipher to XML Encryption 1.1 on 16 June 2009 [1] after you raised it
>> last year [2]. At that time the Working Group (WG) decided not to add
>> this additional algorithm to the XML Encryption 1.1 specification, but
>> to include it in the XML Security Algorithms Cross Reference [3]. We
>> documented the decision to add it to the cross-reference but did not
>> formally make a resolution to not add it to XML Encryption 1.1. At the 30
>> March 2010 teleconference the WG re-affirmed its previous decision and
>> made a formal resolution not to add Camellia to XML Encryption 1.1, to
>> document the decision for the record [4].
>>
>> The reason the WG decided not to include this algorithm in the XML
>> Encryption 1.1 specification itself has not changed. The rationale is
>> that the XML Encryption 1.1 specification itself should include a
>> minimum set of algorithm definitions and rely on extension points to
>> allow additional algorithms. There are two reasons for this. First,
>> algorithms included in the specification should have wide implementation
>> support as evidenced by interop testing performed during the development
>> of the specification, and adding additional algorithms has a WG cost in
>> terms of formally testing interoperability. Secondly, including
>> additional algorithms imposes additional costs and requirements on
>> developers.
>>
>> However, since XML Encryption 1.1 is extensible, adoption of Camellia is
>> possible with it. To enable this and facilitate the discovery of
>> information about algorithms the WG has created the XML Security
>> Algorithms Cross Reference and has included Camellia in it.
>>
>> Unless we have new arguments for adding this algorithm suite to the XML
>> Encryption 1.1 we shall consider this issue closed (ISSUE-195 and
>> ISSUE-134).
>>
>> Thank you.
>>
>> regards, Frederick
>>
>> Frederick Hirsch, Nokia
>> Chair XML Security WG
>>
>> [1] http://www.w3.org/2009/06/16-xmlsec-minutes.html#item09
>>
>> [2] ISSUE-134, http://www.w3.org/2008/xmlsec/track/issues/134
>>
>> [3] http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100316/
>>
>> [4] http://www.w3.org/2010/03/30-xmlsec-minutes.html
>>
>>
>> On Mar 18, 2010, at 12:20 AM, ext Satoru Kanno wrote:
>>
>>> Hi, Folks
>>>
>>> We have a comment for the latest Working Draft of Encryption 1.1.
>>>
>>> We strongly think that the Camellia cipher should be adopted
>>> by not only Cross-Reference but also XML Encryption 1.1.
>>> Because the Camellia cipher is described in RFC4051, which is Standard
>>> track RFC.
>>>
>>> Does this have any problems?
>>>
>>> Of course, current Cross-Reference document already includes the
>>> Camellia cipher.
>>>
>>> For your information, Camellia has been already adopted in TLS,
>>> IPsec, S/MIME, OpenPGP, Kerberos (plans), and other standards.
>>> In addition, as open source software, Camellia is loaded to OpenSSL,
>>> Firefox, Linux, FreeBSD, MIT Kerberos KRB5 (scheduled), and so on.
>>> For more information on Camellia cipher, please see at;
>>> http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html
>>>
>>> Best regards,
>>>
>>> --
>>> Satoru Kanno
>>>
>>> Security Business Unit
>>> Mobile and Security Solution Business Group
>>> NTT Software Corporation
>>>
>>> e-mail: kanno.satoru@po.ntts.co.jp

Received on Thursday, 8 April 2010 09:28:38 UTC