Hi Frederick, On Thu, Feb 7, 2013 at 4:24 PM, <frederick.hir...@nokia.com> wrote: > Don > > I've received feedback from XML Security working group members that propose > you change the URIs in the draft RFC for AES Key Wrap with Padding to match > what is in XML Encryption 1.1, both because we are going to Recommendation > and because there is code that currently uses those values. > > Can you please make the change, using the xmlenc11 URIs I listed below in > item 1?
Sure, I'll do that. > Thanks > regards, Frederick > > Frederick Hirsch > Nokia > > > On Feb 7, 2013, at 11:04 AM, wrote: > >> Donald >> >> Some additional comments on draft >> http://tools.ietf.org/pdf/draft-eastlake-additional-xmlsec-uris-08.pdf >> >> sorry about the delay getting these comments to you. >> >> (1) We have defined different *informative* URIs for AES Key Wrap with >> Padding in XML Encryption 1.1 >> [http://www.w3.org/TR/xmlenc-core1/#sec-kw-aes-with-pad] which are different >> from those in the RFC, namely >> >> http://www.w3.org/2009/xmlenc11#kw-aes-128-pad >> http://www.w3.org/2009/xmlenc11#kw-aes-192-pad >> http://www.w3.org/2009/xmlenc11#kw-aes-256-pad >> >> I suggest we change this informative appendix of XML Encryption 1.1 (and the >> Security Algorithms Cross-Reference) to match what is in the RFC draft. >> Thomas, is there any problem with that at this PR stage? >> >> Those in the RFC draft are: >> >> http://www.w3.org/2007/05/xmldsig-more#kw-aes128-pad >> http://www.w3.org/2007/05/xmldsig-more#kw-aes192-pad >> http://www.w3.org/2007/05/xmldsig-more#kw-aes256-pad As above, I'll change the draft to use the ...//2009/xmlenc11#... URIs. >> (2) ConcatKDF fragment needs fixing in 4.1 and change log Appendix A due to >> a typo >> >> "2009/xmlenc11#ConctKDF [XMLENC]" should be "2009/xmlenc11#ConcatKDF >> [XMLENC]" >> >> "#ConctKDF," should be "#ConcatKDF," OK. >> (3) To some degree the fragment index and URI index replicate the published >> W3C Note, XML Security Algorithm Cross-Reference and could be incorporated >> there. If you would like to incorporate this information there, that seems fine. But I'd like to leave it in the draft also. >> (4) I suggest an update to the Introduction to mention XML Security 1.1 as >> follows >> >> after "All of these standards and recommendations use URIs [RFC3986] to >> identify algorithms and keying information types." >> >> add >> >> "The W3C has subsequently produced updated XML Signature 1.1 [XMLDSIG11] >> and XML Encryption 1.1 [XMLENC11} versions as well as a new XML Signature >> Properties specification [XMLDSIG-PROPERTIES]. OK. >> (5) Typo in introduction >> >> "Canoncialization" should be "Canonicalization" OK. >> (6) References >> >> Add references to XML Signature 1.1, XML Encryption 1.1, XML Signature >> Properties, XML Security Algorithm Cross-Reference (all to be updated upon >> Recommendation publication) The current draft does have references to XML Signature 1.1 and XML Encryption 1.1. The RFC Reference format permits multiple document under a single tag and both 1.0 and 1.1 are included under the [XMLDSIG] and [XMLENC] tags. I'll add the other two documents. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e...@gmail.com >> Signature properties has added a namespace: xmlns >> dsp="http://www.w3.org/2009/xmldsig-properties"; >> >> [XMLDSIG-CORE1] >> D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, K. Yiu. XML >> Signature Syntax and Processing Version 1.1. 24 January 2013. W3C Proposed >> Recommendation. (Work in progress) >> URL:http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/ >> >> [XMLENC-CORE1] >> J. Reagle; D. Eastlake; F. Hirsch; T. Roessler. XML Encryption Syntax and >> Processing Version 1.1. 24 January 2013. W3C Proposed Recommendation. (Work >> in progress) URL:http://www.w3.org/TR/2013/PR-xmlenc-core1-20130124/ >> >> [XMLDSIG-PROPERTIES] >> Frederick Hirsch. XML Signature Properties. 24 January 2013. W3C Proposed >> Recommendation. (Work in progress.) URL: >> http://www.w3.org/TR/2013/PR-xmldsig-properties-20130124/ >> >> [XMLSEC-ALGS] F Hirsch, T Roessler, K Yiu XML Security Algorithm >> Cross-Reference, 24 January 2013 W3C Working Group Note >> http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130124/ >> >> >> regards, Frederick >> >> Frederick Hirsch, Nokia >> Chair XML Security WG
