- From: Magnus Nystrom <mnystrom@microsoft.com>
- Date: Mon, 1 Mar 2010 05:09:22 +0000
- To: "XMLSec WG Public List (public-xmlsec@w3.org)" <public-xmlsec@w3.org>
Received on Monday, 1 March 2010 05:10:14 UTC
Dear all,

This is in response to ACTION-528 that was assigned to me during this week's call. I reviewed the latest XML DSig draft and the latest XML Enc draft. I am not sure when the text in Section 4.5.8 of XML DSig 1.1 got added, but it is, as Frederick noticed, clearly not correct. I suggest a change to:

"
4.5.8 XML Encryption EncryptedKey and DerivedKey Elements

The <xenc:EncryptedKey> and <xenc11:DerivedKey> elements defined in [XMLENC-CORE1<http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#bib-XMLENC-CORE1>] as children of ds:KeyInfo can be used to convey in-band encrypted or derived key material. In particular, the <xenc:DerivedKey> element may be present when the key used in calculating a Message Authentication Code is derived from a shared secret.
"

Also, I noted that the current draft of XML Enc 1.1 (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/) does not link to the 1.1 schema (of which I found one copy at: http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema-11.xsd), but rather twice to the 1.0 schema (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema.xsd)

-- Magnus