- From: <Frederick.Hirsch@nokia.com>
- Date: Wed, 30 Nov 2011 17:22:23 +0000
- To: <public-xmlsec@w3.org>
- CC: <Frederick.Hirsch@nokia.com>
This is a Call for Consensus (CfC) to close ISSUE-230 as resolved. ISSUE-230, http://www.w3.org/2008/xmlsec/track/issues/230 : "CBC attack on XML Encryption, http://www.nds.rub.de/research/publications/breaking-xml-encryption/ " To address the CBC attack on XML Encryption, we changed AES128-GCM from Optional to REQUIRED in XML Encryption 1.1 as well as adding warning notes and security consideration text. If you disagree with closing this issue as resolved with this change to XML Encryption 1.1, please note so on the public list. If you agree with closing the issue, please respond indicating support to close the issue. No response will be interpreted as agreement. Please respond by Friday, 9 December. Hearing no objection, the issue will be closed after that date. Thanks regards, Frederick Frederick Hirsch, Nokia Chair XML Security WG For tracker, this should complete ACTION-861
Received on Wednesday, 30 November 2011 17:23:52 UTC