W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2002

Re: Editorial Details before publishing REC

From: Tom Gindin <tgindin@us.ibm.com>
Date: Tue, 26 Nov 2002 17:09:00 -0500
To: reagle@w3.org
Cc: <xml-encryption@w3.org>
Message-ID: <OFF3100EBC.8918F278-ON85256C7D.0076FD58@pok.ibm.com>

      FIPS 197 appears to be stable.  CSRC's web page for AES hasn't been
updated all year.
      On the other hand, CMS-AES draft 5 makes no reference to RSA#1 v1.5
until the security considerations section, and IMHO there seems to be
little point in using it as an intermediate reference instead of going
straight to the stable RFC 2437.  You could say that the two RSA variants
are the ones which have been used for key transport in documents of the CMS
series, of course.

            Tom Gindin

Joseph Reagle <reagle@w3.org>@w3.org on 11/26/2002 04:23:35 PM

Please respond to reagle@w3.org

Sent by:    xml-encryption-request@w3.org

To:    <xml-encryption@w3.org>
Subject:    Editorial Details before publishing REC

As we ready to publish the next version of XENC [1] and the Decryption
Transform [2]:

1. We still have two questionable references.

Is FIPS 197 the correct and stable specification for AES? (Any updates?)
    NIST FIPS 197: Advanced Encryption Standard (AES).
    November 2001.

CMS-AES version 04 has expired, but we profile it for our purposes. I'm
willing to update this to version 05 if someone can vouch the substantive
bits that we've profiled have not changed.
  Use of the Advanced Encryption Algorithm in CMS. J. Schaad
  and R. Housley. Internet-Draft, January 2002.

2. Has anyone noted any editorial problems with the bits in red in the two
editorial drafts? If not, they will be the final text! <smile/>

[1] http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/
[2] http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt.html
Received on Tuesday, 26 November 2002 17:42:05 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:10 UTC