- From: <Frederick.Hirsch@nokia.com>
- Date: Wed, 7 Dec 2011 15:12:45 +0000
- To: <tlr@w3.org>
- CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>, <tibor.jager@gmail.com>, <juraj.somorovsky@rub.de>
I have fixed this in the latest editors draft. Thanks to Tibor for the careful review. regards, Frederick Frederick Hirsch Nokia On Dec 7, 2011, at 1:52 AM, ext Thomas Roessler wrote: > Tiber Jäger points out to me that the current draft for XML Enc 1.1 has a minor wording mistake: > >> AES-GCM [SP800-38D] is an authenticated encryption mechanism. It is equivalent to doing these two operations in one step - HMAC signing followed by AES-CBC encryption. > > Correction: > >> AES-GCM […] is an authenticated encryption mechanism. It is equivalent to do these two operations in one step, AES encryption followed by HMAC signing. > > http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.html#sec-AES-GCM > > (The point is to authenticate the ciphertext, not the plaintext.) > > -- > Thomas Roessler, W3C <tlr@w3.org> (@roessler) > > > > > > > >
Received on Wednesday, 7 December 2011 15:14:06 UTC