- From: Donald Eastlake <d3e3e3@gmail.com>
- Date: Mon, 6 Oct 2014 13:23:37 -0400
- To: Frederick Hirsch <frederick.hirsch@nokia.com>
- Cc: public-xmlsec@w3.org, "iesg@ietf.org" <iesg@ietf.org>
Hi, I have posted draft-eastlake-rfc6931bis-xmlsec-uris-00.txt that includes fixes for the three Errata posted against RFC 6931. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com On Thu, Jun 19, 2014 at 4:30 PM, Donald Eastlake <d3e3e3@gmail.com> wrote: > I'm OK with this change. > > There appear to be a total of three errata against RFC 6931. I'll > prepare an rfc6931bis draft although I do not think it will be worth > producing a new RFC until more errata/changes/additions have > accumulated. Nevertheless, since the IANA registry is "Specification > Required", such an rfc6931bis draft can be the basis for fixing up > these errata as they appear in the registry. > > Thanks, > Donald > ============================= > Donald E. Eastlake 3rd +1-508-333-2270 (cell) > 155 Beaver Street, Milford, MA 01757 USA > d3e3e3@gmail.com > > > On Thu, May 29, 2014 at 5:40 PM, RFC Errata System > <rfc-editor@rfc-editor.org> wrote: >> The following errata report has been submitted for RFC6931, >> "Additional XML Security Uniform Resource Identifiers (URIs)". >> >> -------------------------------------- >> You may review the report below and at: >> http://www.rfc-editor.org/errata_search.php?rfc=6931&eid=4004 >> >> -------------------------------------- >> Type: Technical >> Reported by: Frederick Hirsch <frederick.hirsch@nokia.com> >> >> Section: 2.3.11 >> >> Original Text >> ------------- >> 2.3.11. RSA-SHA224 >> >> Identifier: >> http://www.w3.org/2007/05/xmldsig-more#rsa-sha224 >> >> This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described >> in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator >> prefix. An example of use is >> >> <SignatureMethod >> Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-sha224" /> >> >> Because it takes about the same effort to calculate a SHA-224 message >> digest as it does a SHA-256 message digest, it is suggested that >> RSA-SHA256 be used in preference to RSA-SHA224 where possible. >> >> Corrected Text >> -------------- >> 2.3.11. RSA-SHA224 >> >> Identifier: >> http://www.w3.org/2001/04/xmldsig-more#rsa-sha224 >> >> This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described >> in Section 2.3.1, but with the ASN.1 BER SHA-224 algorithm designator >> prefix. An example of use is >> >> <SignatureMethod >> Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /> >> >> Because it takes about the same effort to calculate a SHA-224 message >> digest as it does a SHA-256 message digest, it is suggested that >> RSA-SHA256 be used in preference to RSA-SHA224 where possible. >> >> Notes >> ----- >> RFC 6931 should be corrected to use the same identifier for RSA-SHA224 as is used in the W3C Recommendation "XML Signature Syntax and Processing Version 1.1” normative section 6.4.2 ( http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/#sec-PKCS1 ). >> >> This same identifier is also specified in the W3C Note "XML Security Algorithm Cross-Reference” section 3.2 ( http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130411/#RSA ) >> >> At least two shipping code implementations use this value from the W3C Recommendation ; to enable interoperability, avoid confusion and be consistent with the published Recommendation RFC 6931 should be updated to be consistent. >> >> Please note that the revision affects both the identifier URL and the Algorithm attribute value in the 2.3.11 section which is why the entire section is given in the Original and Corrected text above. >> >> Instructions: >> ------------- >> This errata is currently posted as "Reported". If necessary, please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party (IESG) >> can log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC6931 (draft-eastlake-additional-xmlsec-uris-10) >> -------------------------------------- >> Title : Additional XML Security Uniform Resource Identifiers (URIs) >> Publication Date : April 2013 >> Author(s) : D. Eastlake 3rd >> Category : PROPOSED STANDARD >> Source : IETF - NON WORKING GROUP >> Area : N/A >> Stream : IETF >> Verifying Party : IESG
Received on Monday, 6 October 2014 17:24:25 UTC