Call for Consensus on proposed XML Signature 1.1 and XML Encryption 1.1 interop test report updates

• From: <Frederick.Hirsch@nokia.com>
• Date: Wed, 9 May 2012 19:27:34 +0000
• To: <public-xmlsec@w3.org>
• CC: <Frederick.Hirsch@nokia.com>
• Message-ID: <0E5F2C2A-622F-423A-A84C-2E6C934AE255@nokia.com>

Reviewing the draft XML Signature 1.1 and XML Encryption 1.1  interop test reports for open testing items I propose the resolution of the following: (see [1], [2])

1. XML Signature 1.1 "X509Data: Add that the recommended certificate encoding is BER or DER subset." 

not testable and out of scope for interop - remove from interop test report document

2. XML Signature 1.1 "Added exclusive canonicalization with comments as required algorithm"

No need to test - tested as part of bringing Exclusive Canonicalization to Recommendation, http://www.w3.org/Signature/2002/02/01-exc-c14n-interop.html

However, also tested as part of Elliptic Curve testing noted in section 2 of interop test report  document, so this can be marked as done. 

3. XML Signature 1.1 "Added exclusive canonicalization without comments as recommended algorithm"

No need to test - tested as part of bringing "Exclusive XML Canonicalization Version 1.0"  to Recommendation, http://www.w3.org/Signature/2002/02/01-exc-c14n-interop.html

4. XML Signature 1.1 "Add XPath Filter 2.0 as recommended transform algorithm"

No need to test - tested as part of bringing "XML-Signature XPath Filter 2.0"  to Recommendation,  http://www.w3.org/Signature/2002/05/xmldsig-filter2-interop.html

5. XML Encryption 1.1 Add Canonical XML 1.1 (omit comments) as optional, Add Canonical XML 1.1 with comments as optional

No need to test - tested as part of bringing "Canonical XML Version 1.1"  to Recommendation,  http://www.w3.org/2007/xmlsec/interop/xmldsig/c14n11/report.html

6. XML Encryption 1.1 

Clarifications do not require testing (see section 9 of  "XML Encryption 1.1 Interop Test Report"). Propose to remove this section of the report.

For items that do not need testing because they have been tested as part of another Recommendation, I will add a note to that effect to the interop test report.

This is a call for consensus on the above conclusions and actions, which means we will agree to these changes unless concern is expressed on the list. Silence means agreement, though a +1 to the conclusions is preferred. Please respond before our next call, 19th June.

Once agreed I'll edit the "XML Signature 1.1 Interop Test Report"  and XML Encryption 1.1 Interop Test Report" accordingly.

Thanks

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html

[2] http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/Overview.src.html

Received on Wednesday, 9 May 2012 19:28:08 UTC