- From: Magnus Nystrom <mnystrom@microsoft.com>
- Date: Fri, 21 Jan 2011 16:22:34 +0000
- To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>
- CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
For the X509Digest I suggest using more or less what's in the XMLDisg document (perhaps moving it from there even). For the others, I wasn't really the one driving those additions so I think it may be better if those who were did. -- Magnus > -----Original Message----- > From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] > Sent: Friday, January 21, 2011 5:32 AM > To: Magnus Nystrom > Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org > Subject: Re: XML Security 1.1 Editorial Updates > > Magnus > > I actually forgot that second one, thanks for remembering it. Do you mind > proposing some text? > > regards, Frederick > > Frederick Hirsch > Nokia > > > > On Jan 21, 2011, at 1:23 AM, ext Magnus Nystrom wrote: > > > Looks good Frederick. For the change in 3.3.3.2 I would perhaps have written: > > > > " Note: For consistency with existing public key value element names > (ds:RSAKeyValue, ds:DSAKeyValue), XML Signature 1.1 defined ECKeyValue > instead of ECPublicKey." > > > > You didn't think there was any reason to include anything about: > > > >> - The document does not mention the work that led to the new elements > "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" > >> or "X509Digest". It might be useful to include a motivation for that > >> work? (For dsig11:X509Digest there is already a pretty good motivation in > XML Dsig 1.1.). > > > > then? > > -- Magnus > > > > > >> -----Original Message----- > >> From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] > >> Sent: Thursday, January 20, 2011 1:55 PM > >> To: Magnus Nystrom > >> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org > >> Subject: XML Security 1.1 Editorial Updates > >> > >> I have updated the XML Security 1.1 Requirements editors draft > >> > >> (1) to use ReSpec to pick up common formatting and updated references. > >> > >> (2) I have also made updates related to your comments as noted below > >> (and removed wrapping attack reference since it is not really relevant to 1.1 > updates). > >> > >> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html > >> > >> Please let me also know of any issues with the draft, otherwise I > >> suggest we publish this update in conjunction with the 1.1 CR publications. > >> > >> (Also added wrapping attack reference to 2.0 requirements draft) > >> > >> regards, Frederick > >> > >> Frederick Hirsch > >> Nokia > >> > >> > >> > >> On Jan 18, 2011, at 1:33 AM, ext Magnus Nystrom wrote: > >> > >>> Frederick, All, > >>> I have compared the XML Security 1.1 Requirements and Design > >> Considerations document against our deliverables. A few observations: > >>> > >>> - Section 3.2.3: The sub-subsections of this subsection should > >>> probably be > >> changed to enumerated requirements or else the comparison in Section > >> 3.2.4 is harder to follow. > >> > >> Updated 3.2.3 to include R# in heading to ease referral > >> > >> > >>> - Section 3.2.5.1: Change "cannot meet formally meet" to "cannot > >>> formally > >> meet" > >> fixed > >> > >>> - Section 3.3.2.1: > >>> a) Perhaps add that those requirements also apply to XML Encryption > >>> 1.1, as > >> applicable (e.g. the SHA requirements). > >> > >> agree, done > >> > >> > >>> b) > >> > >>> . > >> > >> Added notes to this effect. > >> > >>> - Section 3.3.3.2: We never defined an ECPublicKey type, we ended up > >>> with > >> ECKeyValue (for good reason). > >> > >> Added a note to this effect. > >> > >> > >>> - The document does not mention the work that led to the new > >>> elements > >> "OCSPResponse", "DEREncodedKeyValue", "KeyInfoReference" or > "X509Digest". > >> It might be useful to include a motivation for that work? (For > >> dsig11:X509Digest there is already a pretty good motivation in XML Dsig > 1.1.). > >>> > >>> Other than that I think this looks good. > >>> > >>> -- Magnus > >>> > >>>> -----Original Message----- > >>>> From: Frederick.Hirsch@nokia.com > >>>> [mailto:Frederick.Hirsch@nokia.com] > >>>> Sent: Monday, January 17, 2011 11:56 AM > >>>> To: Magnus Nystrom > >>>> Cc: Frederick.Hirsch@nokia.com; public-xmlsec@w3.org > >>>> Subject: Editorial updates per ACTION-767 proposals > >>>> > >>>> I've completed the Editorial updates for > >>>> > >>>> 1. XML Encryption 1.1 (also made change to XML Signature 1.1 to > >>>> unify handling of with/omit comments), > >>>> > >>>> 2. the XML Encryption 1.1 explanation document (also changed > >>>> title), and > >>>> > >>>> 3. Generic Hybrid Ciphers. > >>>> > >>>> Still need to look at requirements document. > >>>> > >>>> Open: > >>>> > >>>> Need direct link for X9.44 (not a blocker for CR) Need RFC for > >>>> ECC-ALGS (but not a blocker for CR) Update 1.1 cross references > >>>> when going to CR > >>>> > >>>> regards, Frederick > >>>> > >>>> Frederick Hirsch > >>>> Nokia > >>>> > >>>> > >>>> > >>>> On Jan 17, 2011, at 11:54 AM, ext Magnus Nystrom wrote: > >>>> > >>>>> Frederick, All,, > >>>>> This is in response to ACTION-767 assigned to me last week. > >>>>> > >>>>> I don't know where the references are stored any longer so I have > >>>>> not done > >>>> any changes in the sources themselves but I did note the following: > >>>>> > >>>>> XML Encryption 1.1: > >>>>> ------------------------- > >>>>> - The reference for NFC: The URL should be preceded by the string > >>>>> "URL:" as for other references > >>>>> - The reference for ANSI X9.52 should be linked as the reference > >>>>> for ANSI > >>>> X9.44. As it is right now, one only gets to the generic ANSI home page. > >>>>> - The link to XML Signature Syntax and Processing Version 1.1 will > >>>>> need to be > >>>> updated eventually; same for XML Encryption Syntax and Processing 1.1. > >>>>> - For [ECC-ALGS], we should check if it has been given an RFC > >>>>> number yet. I will > >>>> follow up on this. I believe it should still be informative in this document. > >>>>> > >>>>> Outside of the references: > >>>>> - Section 5.1.1: Should probably be consistent in how we reference > >>>>> the > >>>> "with"/"omit" comments; sometimes we write "(omit comments)" and > >>>> sometimes "with comments" (i.e. without parenthesis) and sometimes > >>>> "comments" is spelled with a capital "C". > >>>>> - Section 8.2, replace "they will be" with "there will be" > >>>>> > >>>>> Explain: > >>>>> ----------- > >>>>> - My affiliation should be changed to Microsoft. > >>>>> - 3.3: Change "Clarify" to "Clarified that" > >>>>> - 5.4.2: That change is not relative to 1.0 and so I am not sure > >>>>> it should be in > >>>> here. > >>>>> - "Message Authentication ..." - change "200900602" to "20090602" > >>>>> - 8.2: Change description of first change to: "Changed "MIME media > >>>>> type > >>>> name" to " Type name" and "MIME subtype name" to "Subtype name" > >>>>> > >>>>> Generic Hybrid Ciphers: > >>>>> ----------------------------- > >>>>> - Section 9, "Acknowledgements" is empty; in line with the other > >>>>> documents I > >>>> suggest removing this section altogether and instead creating a > >>>> Section 1.2 "Acknowledgements" with the following text: > >>>>> > >>>>> The contributions of the following Working Group members to this > >>>> specification are gratefully acknowledged in accordance with the > >>>> contributor policies and the active WG roster: Frederick Hirsch, > >>>> Brian LaMacchia, Thomas Roessler, Magnus Nyström, Bruce Rich, Scott > >>>> Cantor, Hal Lockhart, Cynthia Martin, Ed Simon, Pratik Datta and > >>>> Meiko > >> Jensen. > >>>>> > >>>>> Additionally, we thank Burt Kaliski of EMC for his comments during > >>>>> and > >>>> subsequent to Last Call. > >>>>> > >>>>> - In Appendix A, the URL to [XMLENC-CORE1] and [XMLDSIG-CORE1] > >>>>> should be > >>>> updated, eventually, just as for XML Encryption 1.1. > >>>>> > >>>>> Requirements > >>>>> ----------------- > >>>>> (I was not sure what to do here, but I did check the references > >>>>> section as per below:) > >>>>> - [C14N-REQS]: The URL is different between the hyperlink in the > >>>>> title and the > >>>> explicit URL. > >>>>> - [C14N11]: Same as previous comment > >>>>> - [EXI]: Missing hyperlink in title > >>>>> - [Gajek]: Missing hyperlink in title > >>>>> - [Infoset]: Missing hyperlink in title > >>>>> - [McIntoshAustel] - Missing URL altogether. A possible URL is: > >>>>> http://portal.acm.org/citation.cfm?doid=1103022.1103026 > >>>>> - PKCS #5: Missing hyperlink in title > >>>>> - RFC 2633 is obsoleted by RFC 3851 > >>>>> - SigProp: Different URL for title than for explicit URL. > >>>>> - XMLDsig2nd: Missing hyperlink in title > >>>>> > >>>>> Best, > >>>>> -- Magnus > >>>>> > >>>>> > >>>> > >>> > >> > > >
Received on Friday, 21 January 2011 16:23:20 UTC