- From: Ahmed, Zahid <zahid.ahmed@commerceone.com>
- Date: Wed, 19 Jun 2002 15:06:03 -0700
- To: "'Donald Eastlake 3rd'" <dee3@torque.pothole.com>
- Cc: "'reagle@w3.org'" <reagle@w3.org>, "'xml-encryption@w3.org'" <xml-encryption@w3.org>, "Sanfilippo, Joe" <joe.sanfilippo@commerceone.com>
- Message-ID: <C1E0143CD365A445A4417083BF6F42CC02F890DC@C1plenaexm07.commerceone.com>
Hi Don, I agree that we should any new encryption URIs in the draft-eastlake-xmldsig-uri-02.txt document. Specifically, we should seriously consider adding: 1) URI for "DES/CBC/XMLENCPadding" i.e, 56-bit DES encryption; e.g., <some-base-URI>/xmlenc#des-cbc Furthermore, it is not clear if RC4 and RC2 URIs are standardized for XML encryption enabled applications. If not already standardized, I recommend that we also add them: 2) URI for RC4 56-bit and 128-bit encryption; e.g., <some-base-URI>/xmlenc#rc4-56 <some-base-URI>/xmlenc#rc4-128 3) URI for RC2 56-bit and 128-bit encryption; e.g., <some-base-URI>/xmlenc#rc2-56 <some-base-URI>/xmlenc#rc2-128 I think this would allow URI interoperability of some commonly used symmetric encryption algorithms and will also not require any changes to XML Encryption spec. thanks, Zahid -----Original Message----- From: Donald Eastlake 3rd [mailto:dee3@torque.pothole.com] Sent: Tuesday, June 18, 2002 9:15 PM To: Ahmed, Zahid Cc: 'reagle@w3.org'; 'xml-encryption@w3.org'; 'blaird@microsoft.com'; 'IMAMU@jp.ibm.com'; Sanfilippo, Joe Subject: Re: W3C Encryption Support for DES, RC2, and RC4 Symmetric Encryptio n Algorithms There is already one encryption algorithm in ftp://ftp.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt I suppose I could add some more. Donald ====================================================================== Donald E. Eastlake 3rd dee3@torque.pothole.com 155 Beaver Street +1-508-634-2066(h) +1-508-851-8280(w) Milford, MA 01757 USA Donald.Eastlake@motorola.com On Tue, 18 Jun 2002, Ahmed, Zahid wrote: > Date: Tue, 18 Jun 2002 16:29:07 -0700 > From: "Ahmed, Zahid" <zahid.ahmed@commerceone.com> > To: "'reagle@w3.org'" <reagle@w3.org>, > "'dee3@torque.pothole.com'" <dee3@torque.pothole.com>, > "'xml-encryption@w3.org'" <xml-encryption@w3.org> > Cc: "'blaird@microsoft.com'" <blaird@microsoft.com>, > "'IMAMU@jp.ibm.com'" <IMAMU@jp.ibm.com>, > "Sanfilippo, Joe" <joe.sanfilippo@commerceone.com> > Subject: W3C Encryption Support for DES, RC2, > and RC4 Symmetric Encryptio n Algorithms > > Reviewing the latest XML Encryption Candidate Recommendation spec, it seems > that only > following symmetric encryption algorithms are required: > 1) AES/CBC (128-bit, 192-, and 256-bits) > 2) Triple-DES/CBC are required in XML Encryption implementations. > > However, we are curious if there are any plans to also the option to support > other > encryption algorithms such as: DES, RC2 (56- and 128-bit), and RC4 (56- and > 128-bit). > > I understand the propensity of avoiding the usage of weak encryption > algorithms, > but there may be some scenarious where this may be useful, e.g., > compatibility > with PKCS7/SMIME encryption which has similar support or siutations where > encryption exports from US requires weaker encryption option. Now, we do > understand that XML Encryption implementatiln providers could expose the > use of such encryption alogirthms and key-lengths, but we would need > standardized support for the relevant URIs for DES, RC2, and RC4 to ensure > interoperability of the relevant URIs that define these additional > encryption options. > > thanks, > Zahid > > >
Received on Wednesday, 19 June 2002 18:06:25 UTC