- From: Joseph Reagle <reagle@w3.org>
- Date: Wed, 5 Dec 2001 11:41:53 -0500
- To: Donald E Eastlake 3rd <dee3@torque.pothole.com>, xml-encryption <xml-encryption@w3.org>
- Cc: lde008@email.mot.com
On Wednesday 05 December 2001 00:49, Donald E Eastlake 3rd wrote: > Attached is a further updated section 5. Changes are: Thanks Don, they are now in: http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/ $Revision: 1.83 $ > (1) While the algorithm table was correct, sections 5.2.2 and 5.6.3 > incorreclty listed AES-192 as REQUIRED and AES-256 as OPTIONAL. It's the > other way around. Now that were in Last Call -> CR transition, does anyone know where we stand on AES key wraps? > (5) Reordering of the concatenation feed to the specified Digest > Algorithm to producing keying material from an agreed secret quantity in > Sedtion 5.5. Note: XML Encryption does NOT provide an on-line key agreement negotiation protocol. The key agreement structure defined here is only suitable for off-line agreement. Agreement based, for example, on trusted recipient key information obtained previously from some public key infrastructure by the originator. If a key has been agreed to via some previous on-line protocol, it would be more natural to use a KeyName or the like to refer to an agreed name. How would you define/distinguish a previous online and previous offline method? -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Wednesday, 5 December 2001 11:42:14 UTC