RE: Early Draft Algorithms Section

Hi,

An algorithmic role element is like EncryptionMethod or DigestMethod. It tells you what role the algorithm plays. Maybe we only had EncryptionMethod before and my thinking was contaminated by XMLDSIG which has lots of roles but now we may have DigestMethod for the hash of the plaintext...

Agree that cipher data is the better term.

I don't remember why both kw-3des and kw-rc2 are mandatory other than that was the clear consensus by show of hands at the meeting in Cambridge...

Thanks,
Donald

-----Original Message-----
From: Joseph M. Reagle Jr. [mailto:reagle@w3.org]
Sent: Monday, May 14, 2001 3:00 PM
To: Donald Eastlake 3rd
Cc: XML Encryption WG 
Subject: Re: Early Draft Algorithms Section


At 15:17 5/13/2001 -0400, Donald Eastlake 3rd wrote:
>Attached is the current state of my draft of the Algorithms section of
>XML-Encryption.  I welcome any comments.  If the general style is OK, there 
>are several sections that I should be able to complete pretty rapidly....

Looks good!

>5.1 Algorithm Identifiers and Implementation Requirements
>
>All algorithms listed below have implicit parameters depending on their 
>role. For example, the data to be encrypted or decrypted, keying material, 
>and direction of operation (encrypting or decrypting) for encryption 
>algorithms. Any explicit additional parameters to an algorithm appear as 
>content elements within the role element. Such parameter elements have a 
>descriptive element name, which is frequently algorithm specific, and MUST 
>be in the same namespace as the role element or in an algorithm specific 
>namespace. An example of such an explicit parameter could be an encryption 
>initialization vector (IV) although for all encryption algorithms specified 
>herein, the IV appears as part of the "cipher text" block.

I find this paragraph a bit confusing. What is the role element? Since we 
are specifying these URIs, won't we provide all possible parameters? If not, 
you are stating an explicit parameter that we don't define is externally 
namespace qualified, right?

>algorithms specified herein, the IV appears as part of the "cipher text" 
>block.

In some instances, "cipher text" should be changed to "cipher data" for 
consistency.

>Symmetric Key Wrap
>   CMS-KeyWrap-3DES REQUIRED
>http://www.w3.org/2001/04/xmlenc#kw-3des
>   CMS-KeyWrap-RC2 REQUIRED
>http://www.w3.org/2001/04/xmlenc#kw-rc2
>   AES-KeyWrap REQUIRED

I know this was in the requirements, but I can't recall why kw-3des and 
kw-rc2 are both REQUIRED?

>5.3.1 RSA Version 1.5 with Triple DES
>   <CipherData> IWijxQjUrcXBYoCei4QxjWo9Kg8D3p9tlWoT4
>    t0/gyTE96639In0FZFY2/rvP+/bMJ01EArmKZsR5VW3rwoPxw=
></CipherData>

Is that white space in the element content intentional?


__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Tuesday, 15 May 2001 14:06:12 UTC
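
The white space question about <CipherData> matters to any consumer that decodes such content. The following is an added example, not code from the draft or from either correspondent: it strips only XML white space, decodes the base64 strictly, then splits off an IV. The sample bytes are constructed, and treating the first 8 bytes as the IV is an assumption, since the quoted draft only says the IV is part of the cipher data.

```python
import base64
import xml.etree.ElementTree as ET

XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#"  # namespace of the URIs quoted in the thread
XML_WS = str.maketrans("", "", " \t\r\n")        # the four XML white space characters

# Constructed sample: 8 bytes standing in for an IV, then 16 bytes standing in
# for ciphertext, base64-encoded and line-wrapped like the draft's example.
RAW = bytes(range(8)) + bytes(range(0x10, 0x20))
B64 = base64.b64encode(RAW).decode("ascii")
SAMPLE = f'<CipherData xmlns="{XMLENC_NS}"> {B64[:20]}\n    {B64[20:]}\n</CipherData>'


def decode_cipher_data(xml_text):
    """Return the octets carried by a draft-style <CipherData> element."""
    elem = ET.fromstring(xml_text)
    if elem.tag != f"{{{XMLENC_NS}}}CipherData" or len(elem):
        raise ValueError("expected a CipherData element with text content only")
    compact = (elem.text or "").translate(XML_WS)
    try:
        # validate=True rejects characters outside the base64 alphabet; the
        # default silently discards them, hiding corrupted or padded input.
        return base64.b64decode(compact, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError(f"malformed CipherData: {exc}") from exc


def split_iv(octets, block_size=8):
    """Assumption: the IV is the leading block (8 bytes for Triple DES)."""
    if len(octets) <= block_size or len(octets) % block_size:
        raise ValueError("cipher data is not an IV followed by whole blocks")
    return octets[:block_size], octets[block_size:]


if __name__ == "__main__":
    iv, body = split_iv(decode_cipher_data(SAMPLE))
    print("iv:", iv.hex(), "ciphertext:", body.hex())
```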