RE: proposed XML Encryption 1.1 changes related to OAEP

Frederick,

When you said change the URI for RSA-OAEP http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
I assume you mean create a new URI.  We obviously cannot get rid of the existing URI for backwards compatibility. For example this is the "Basic128" and "Basic256" encryption algorithm in WS-Security and it is the most popularly used.

For OAEPParams,  instead of describing it "label", I would go with "PSource specified".

In your redline you have "ds:EncryptionMethod" and "ds11:MGF"
  EncryptionMethod is in "enc" namespaces.  We should put MGF in enc11 namespace


Pratik

-----Original Message-----
From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] 
Sent: Wednesday, October 05, 2011 9:28 AM
To: public-xmlsec@w3.org
Cc: Frederick.Hirsch@nokia.com
Subject: proposed XML Encryption 1.1 changes related to OAEP

Attached are Redline and clean roll-ups of proposed changes to XML Encryption 1.1 based on our list and call discussion.

Changes:

1. define new optional attribute to EncryptionMethod to convey MGF for OAEP

2. change URI for RSA-OAEP not to assume specific MGF (e.g. decouple to allow change to MGF). This is a significant change to decouple MGF definition from algorithm definition

3. Clarify RSA-OAEP section wording to clarify that digest is specified in DigestMethod Algorithm attribute, MGF in MGF attribute with default of MGF1 with SHA1 if not specified, and Label is optionally in OAEPparams XML element.

4. Incorporated outstanding changes from Scott that were previously agreed but not implemented (I believe)

http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0043.html

Comment?

regards, Frederick

Frederick Hirsch
Nokia

Received on Wednesday, 5 October 2011 17:39:11 UTC