proposed XML Encryption 1.1 changes related to OAEP from Frederick.Hirsch@nokia.com on 2011-10-05 (public-xmlsec@w3.org from October 2011)

From: <Frederick.Hirsch@nokia.com>
Date: Wed, 5 Oct 2011 16:27:34 +0000
To: <public-xmlsec@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <A987BFC9-3E83-4D2A-AC17-7FD35F4A8DD1@nokia.com>

Attached are Redline and clean roll-ups of proposed changes to XML Encryption 1.1 based on our list and call discussion.

Changes:

1. define new optional attribute to EncryptionMethod to convey MGF for OAEP

2. change URI for RSA-OAEP not to assume specific MGF (e.g. decouple to allow change to MGF). This is a significant change to decouple MGF definition from algorithm definition

3. Clarify RSA-OAEP section wording to clarify that digest is specified in DigestMethod Algorithm attribute, MGF in MGF attribute with default of MGF1 with SHA1 if not specified, and Label is optionally in OAEPparams XML element.

4. Incorporated outstanding changes from Scott that were previously agreed but not implemented (I believe)

http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0043.html

Comment?

regards, Frederick

Frederick Hirsch
Nokia

Attachments

application/pdf attachment: encryption-proposal-clean.pdf
application/pdf attachment: encryption-proposal-redline.pdf

Received on Wednesday, 5 October 2011 16:29:01 UTC