XML Security 1.1 Editorial Updates

I have updated the XML Security 1.1 Requirements editors draft 

(1) to use ReSpec to pick up common formatting and updated references. 

(2) I have also made updates related to your comments as noted below (and removed wrapping attack reference since it is not really relevant to 1.1 updates).

http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html

Please let me also know of any issues with the draft, otherwise I suggest we publish this update in conjunction with the 1.1 CR publications. 

(Also added wrapping attack reference to 2.0 requirements draft)

regards, Frederick

Frederick Hirsch
Nokia



On Jan 18, 2011, at 1:33 AM, ext Magnus Nystrom wrote:

> Frederick, All,
> I have compared the XML Security 1.1 Requirements and Design Considerations document against our deliverables. A few observations:
> 
> - Section 3.2.3: The sub-subsections of this subsection should probably be changed to enumerated requirements or else the comparison in Section 3.2.4 is harder to follow.

Updated 3.2.3 to include R# in heading to ease referral


> - Section 3.2.5.1: Change "cannot meet formally meet" to "cannot formally meet"
fixed

> - Section 3.3.2.1:
> a) Perhaps add that those requirements also apply to XML Encryption 1.1, as applicable (e.g. the SHA requirements).

agree, done


> b) 

> .

Added notes to this effect.

> - Section 3.3.3.2: We never defined an ECPublicKey type, we ended up with ECKeyValue (for good reason).

Added a note to this effect.


> - The document does not mention the work that led to the new elements "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or "X509Digest". It might be useful to include a motivation for that work? (For dsig11:X509Digest there is already a pretty good motivation in XML Dsig 1.1.).
> 
> Other than that I think this looks good.
> 
> -- Magnus
> 
>> -----Original Message-----
>> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
>> Sent: Monday, January 17, 2011 11:56 AM
>> To: Magnus Nystrom
>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org
>> Subject: Editorial updates per ACTION-767 proposals
>> 
>> I've completed the Editorial updates for
>> 
>> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to unify handling
>> of with/omit comments),
>> 
>> 2. the XML Encryption 1.1 explanation document (also changed title), and
>> 
>> 3. Generic Hybrid Ciphers.
>> 
>> Still need to look at requirements document.
>> 
>> Open:
>> 
>> Need direct link for X9.44 (not a blocker for CR) Need RFC for ECC-ALGS (but not
>> a blocker for CR) Update 1.1 cross references when going to CR
>> 
>> regards, Frederick
>> 
>> Frederick Hirsch
>> Nokia
>> 
>> 
>> 
>> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote:
>> 
>>> Frederick, All,,
>>> This is in response to ACTION-767 assigned to me last week.
>>> 
>>> I don't know where the references are stored any longer so I have not done
>> any changes in the sources themselves but I did note the following:
>>> 
>>> XML Encryption 1.1:
>>> -------------------------
>>> - The reference for NFC: The URL should be preceded by the string
>>> "URL:" as for other references
>>> - The reference for ANSI X9.52 should be linked as the reference for ANSI
>> X9.44. As it is right now, one only gets to the generic ANSI home page.
>>> - The link to XML Signature Syntax and Processing Version 1.1 will need to be
>> updated eventually; same for XML Encryption Syntax and Processing 1.1.
>>> - For [ECC-ALGS], we should check if it has been given an RFC number yet. I will
>> follow up on this. I believe it should still be informative in this document.
>>> 
>>> Outside of the references:
>>> - Section 5.1.1: Should probably be consistent in how we reference the
>> "with"/"omit" comments; sometimes we write "(omit comments)" and
>> sometimes "with comments" (i.e. without parenthesis) and sometimes
>> "comments" is spelled with a capital "C".
>>> - Section 8.2, replace "they will be" with "there will be"
>>> 
>>> Explain:
>>> -----------
>>> - My affiliation should be changed to Microsoft.
>>> - 3.3: Change "Clarify" to "Clarified that"
>>> - 5.4.2: That change is not relative to 1.0 and so I am not sure it should be in
>> here.
>>> - "Message Authentication ..." - change "200900602" to "20090602"
>>> - 8.2: Change description of first change to: "Changed "MIME media type
>> name" to " Type name" and "MIME subtype name" to "Subtype name"
>>> 
>>> Generic Hybrid Ciphers:
>>> -----------------------------
>>> - Section 9, "Acknowledgements" is empty; in line with the other documents I
>> suggest removing this section altogether and instead creating a Section 1.2
>> "Acknowledgements" with the following text:
>>> 
>>> The contributions of the following Working Group members to this
>> specification are gratefully acknowledged in accordance with the contributor
>> policies and the active WG roster: Frederick Hirsch, Brian LaMacchia, Thomas
>> Roessler, Magnus Nyström, Bruce Rich, Scott Cantor, Hal Lockhart, Cynthia
>> Martin, Ed Simon, Pratik Datta and Meiko Jensen.
>>> 
>>> Additionally, we thank Burt Kaliski of EMC for his comments during and
>> subsequent to Last Call.
>>> 
>>> - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1] should be
>> updated, eventually, just as for XML Encryption 1.1.
>>> 
>>> Requirements
>>> -----------------
>>> (I was not sure what to do here, but I did check the references
>>> section as per below:)
>>> - [C14N-REQS]: The URL is different between the hyperlink in the title and the
>> explicit URL.
>>> - [C14N11]: Same as previous comment
>>> - [EXI]: Missing hyperlink in title
>>> - [Gajek]: Missing hyperlink in title
>>> - [Infoset]: Missing hyperlink in title
>>> - [McIntoshAustel] - Missing URL altogether. A possible URL is:
>>> http://portal.acm.org/citation.cfm?doid=1103022.1103026
>>> - PKCS #5: Missing hyperlink in title
>>> - RFC 2633 is obsoleted by RFC 3851
>>> - SigProp: Different URL for title than for explicit URL.
>>> - XMLDsig2nd: Missing hyperlink in title
>>> 
>>> Best,
>>> -- Magnus
>>> 
>>> 
>> 
> 

Received on Thursday, 20 January 2011 21:56:00 UTC