Re: block encryption algorithm padding

On Thursday 11 April 2002 14:26, Aleksey Sanin wrote:
> As I said before from my point of vew the current proposed padding makes
> XML Enc non-interop with RFC1423 and from my expirience it makes
> harder to follow XML Enc standard for implementors.

Aside from questions of myth, what an RFC means, and who knows Ron Rivest 
(he's a couple offices down from me but I fear it doesn't rub off on me! 
<smile/>), I think the simple issue is we already have interop over what 
has been specified and it's hard to break that without a consensus of what 
was specified is broken. In this case, the non-interop with RFC1423 is a 
fact, but we didn't have a requirement to use that and we had reasons 
for not using it. I'm open to a parenthetical comment in the spec to this 
point if it's likely to be a surprise to others. And the fact that it isn't 
common in the libraries you are using is unfortunate but remediable.

I've documented the issue in [1] and will mark it closed unless there's an 
objection that it should stay open to consideration by the Director when I 
request document advancement.

[1] http://www.w3.org/Encryption/2001/11/last-call-issues.html#CandidateREC

-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Friday, 12 April 2002 16:01:25 UTC