- From: Jim Schaad <jimsch5@home.com>
- Date: Wed, 6 Jun 2001 15:53:10 -0700
- To: "'Blair Dillaway'" <blaird@microsoft.com>, <xml-encryption@w3.org>
> -----Original Message----- > From: xml-encryption-request@w3.org > [mailto:xml-encryption-request@w3.org]On Behalf Of Blair Dillaway > Sent: Wednesday, June 06, 2001 3:14 PM > To: xml-encryption@w3.org > Subject: Comments on 2nd try at Algorithms Section > > > > Just catching up on recent postings. Here are comments on the 2nd > > draft Algorithm section. > > > > Symmetric Key Wrap > > > > As noted earlier by Jim Schaad, the RC2 Key Wrap should be deleted. > > > > The remaining algorithms on the list are, however, > problematic. If we > > use the CMS defined key wrap then I believe we must respecify the > > encoding to use XML rather than ASN.1. I am not opposed this being > > done given the lack of standardized alternatives in this area. We > > also have a problem in that AES key wrap is not yet > defined. Would we > > be allowed to propose a standard with a required algotihm whose > > specification is TBD? I don't think so. So how to we clearly state > > it will become required at some point in the future? > > > > There has been some discussion of using a key deriviation algorithm > > based on a shared symmetric key. I'm not opposed to this as an > > alternative but would like to see a specific proposal based on a > > published standard, or de-facto standard. Blair - don't confuse key derivation and key wrap. The CMS key derivation algorithm uses ASN but the key wrap algorithm does not. As a side note, I have been informed that the AES key wrap algorithm is currently expected to be released in July. (Of course it was originally expected last December.) > > > > Regards, > > Blair > jim
Received on Wednesday, 6 June 2001 18:53:28 UTC