- From: <Frederick.Hirsch@nokia.com>
- Date: Fri, 21 Jan 2011 14:31:39 +0100
- To: <mnystrom@microsoft.com>
- CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Magnus I actually forgot that second one, thanks for remembering it. Do you mind proposing some text? regards, Frederick Frederick Hirsch Nokia On Jan 21, 2011, at 1:23 AM, ext Magnus Nystrom wrote: > Looks good Frederick. For the change in 3.3.3.2 I would perhaps have written: > > " Note: For consistency with existing public key value element names (ds:RSAKeyValue, ds:DSAKeyValue), XML Signature 1.1 defined ECKeyValue instead of ECPublicKey." > > You didn't think there was any reason to include anything about: > >> - The document does not mention the work that led to the new elements "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" >> or "X509Digest". It might be useful to include a motivation for that work? (For dsig11:X509Digest there is already a pretty good motivation >> in XML Dsig 1.1.). > > then? > -- Magnus > > >> -----Original Message----- >> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] >> Sent: Thursday, January 20, 2011 1:55 PM >> To: Magnus Nystrom >> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org >> Subject: XML Security 1.1 Editorial Updates >> >> I have updated the XML Security 1.1 Requirements editors draft >> >> (1) to use ReSpec to pick up common formatting and updated references. >> >> (2) I have also made updates related to your comments as noted below (and >> removed wrapping attack reference since it is not really relevant to 1.1 updates). >> >> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html >> >> Please let me also know of any issues with the draft, otherwise I suggest we >> publish this update in conjunction with the 1.1 CR publications. >> >> (Also added wrapping attack reference to 2.0 requirements draft) >> >> regards, Frederick >> >> Frederick Hirsch >> Nokia >> >> >> >> On Jan 18, 2011, at 1:33 AM, ext Magnus Nystrom wrote: >> >>> Frederick, All, >>> I have compared the XML Security 1.1 Requirements and Design >> Considerations document against our deliverables. A few observations: >>> >>> - Section 3.2.3: The sub-subsections of this subsection should probably be >> changed to enumerated requirements or else the comparison in Section 3.2.4 is >> harder to follow. >> >> Updated 3.2.3 to include R# in heading to ease referral >> >> >>> - Section 3.2.5.1: Change "cannot meet formally meet" to "cannot formally >> meet" >> fixed >> >>> - Section 3.3.2.1: >>> a) Perhaps add that those requirements also apply to XML Encryption 1.1, as >> applicable (e.g. the SHA requirements). >> >> agree, done >> >> >>> b) >> >>> . >> >> Added notes to this effect. >> >>> - Section 3.3.3.2: We never defined an ECPublicKey type, we ended up with >> ECKeyValue (for good reason). >> >> Added a note to this effect. >> >> >>> - The document does not mention the work that led to the new elements >> "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or "X509Digest". >> It might be useful to include a motivation for that work? (For dsig11:X509Digest >> there is already a pretty good motivation in XML Dsig 1.1.). >>> >>> Other than that I think this looks good. >>> >>> -- Magnus >>> >>>> -----Original Message----- >>>> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] >>>> Sent: Monday, January 17, 2011 11:56 AM >>>> To: Magnus Nystrom >>>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org >>>> Subject: Editorial updates per ACTION-767 proposals >>>> >>>> I've completed the Editorial updates for >>>> >>>> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to unify >>>> handling of with/omit comments), >>>> >>>> 2. the XML Encryption 1.1 explanation document (also changed title), >>>> and >>>> >>>> 3. Generic Hybrid Ciphers. >>>> >>>> Still need to look at requirements document. >>>> >>>> Open: >>>> >>>> Need direct link for X9.44 (not a blocker for CR) Need RFC for >>>> ECC-ALGS (but not a blocker for CR) Update 1.1 cross references when >>>> going to CR >>>> >>>> regards, Frederick >>>> >>>> Frederick Hirsch >>>> Nokia >>>> >>>> >>>> >>>> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote: >>>> >>>>> Frederick, All,, >>>>> This is in response to ACTION-767 assigned to me last week. >>>>> >>>>> I don't know where the references are stored any longer so I have >>>>> not done >>>> any changes in the sources themselves but I did note the following: >>>>> >>>>> XML Encryption 1.1: >>>>> ------------------------- >>>>> - The reference for NFC: The URL should be preceded by the string >>>>> "URL:" as for other references >>>>> - The reference for ANSI X9.52 should be linked as the reference for >>>>> ANSI >>>> X9.44. As it is right now, one only gets to the generic ANSI home page. >>>>> - The link to XML Signature Syntax and Processing Version 1.1 will >>>>> need to be >>>> updated eventually; same for XML Encryption Syntax and Processing 1.1. >>>>> - For [ECC-ALGS], we should check if it has been given an RFC number >>>>> yet. I will >>>> follow up on this. I believe it should still be informative in this document. >>>>> >>>>> Outside of the references: >>>>> - Section 5.1.1: Should probably be consistent in how we reference >>>>> the >>>> "with"/"omit" comments; sometimes we write "(omit comments)" and >>>> sometimes "with comments" (i.e. without parenthesis) and sometimes >>>> "comments" is spelled with a capital "C". >>>>> - Section 8.2, replace "they will be" with "there will be" >>>>> >>>>> Explain: >>>>> ----------- >>>>> - My affiliation should be changed to Microsoft. >>>>> - 3.3: Change "Clarify" to "Clarified that" >>>>> - 5.4.2: That change is not relative to 1.0 and so I am not sure it >>>>> should be in >>>> here. >>>>> - "Message Authentication ..." - change "200900602" to "20090602" >>>>> - 8.2: Change description of first change to: "Changed "MIME media >>>>> type >>>> name" to " Type name" and "MIME subtype name" to "Subtype name" >>>>> >>>>> Generic Hybrid Ciphers: >>>>> ----------------------------- >>>>> - Section 9, "Acknowledgements" is empty; in line with the other >>>>> documents I >>>> suggest removing this section altogether and instead creating a >>>> Section 1.2 "Acknowledgements" with the following text: >>>>> >>>>> The contributions of the following Working Group members to this >>>> specification are gratefully acknowledged in accordance with the >>>> contributor policies and the active WG roster: Frederick Hirsch, >>>> Brian LaMacchia, Thomas Roessler, Magnus Nyström, Bruce Rich, Scott >>>> Cantor, Hal Lockhart, Cynthia Martin, Ed Simon, Pratik Datta and Meiko >> Jensen. >>>>> >>>>> Additionally, we thank Burt Kaliski of EMC for his comments during >>>>> and >>>> subsequent to Last Call. >>>>> >>>>> - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1] >>>>> should be >>>> updated, eventually, just as for XML Encryption 1.1. >>>>> >>>>> Requirements >>>>> ----------------- >>>>> (I was not sure what to do here, but I did check the references >>>>> section as per below:) >>>>> - [C14N-REQS]: The URL is different between the hyperlink in the >>>>> title and the >>>> explicit URL. >>>>> - [C14N11]: Same as previous comment >>>>> - [EXI]: Missing hyperlink in title >>>>> - [Gajek]: Missing hyperlink in title >>>>> - [Infoset]: Missing hyperlink in title >>>>> - [McIntoshAustel] - Missing URL altogether. A possible URL is: >>>>> http://portal.acm.org/citation.cfm?doid=1103022.1103026 >>>>> - PKCS #5: Missing hyperlink in title >>>>> - RFC 2633 is obsoleted by RFC 3851 >>>>> - SigProp: Different URL for title than for explicit URL. >>>>> - XMLDsig2nd: Missing hyperlink in title >>>>> >>>>> Best, >>>>> -- Magnus >>>>> >>>>> >>>> >>> >> >
Received on Friday, 21 January 2011 13:32:22 UTC