Edit comment LC-2561 for XML Security Working Group

Quick access to LC-2561

Comment LC-2561

Comment Shortname:

Commenter: MURATA Makoto <eb2m-mrt@asahi-net.or.jp>

Message-id:

Section of the document concerned:

[Free text description]Document as a wholeXML Security Generic Hybrid Ciphers /**/ /***********... XML Security Generic Hybrid Ciphers W3C Candidate Recommendation 03 March 2011 Abstract Generic hybrid ciphers allow for a consistent trea... Status of This Document This section describes the status o... Table of Contents 1. Introduction 1.1 Editorial 2. Vers... 1. Introduction This document specifies an XML syntax and p... 1.1 Editorial The key words "must" and "optional" in this s... 2. Versions, Namespaces and Identifiers No provision is mad... 3. Generic Hybrid Ciphers Overview The term "generic hybrid... 4. Algorithms This section discusses and identifies algorit... 4.1 Algorithm Identifiers and Implementation Requirements T... 4.2 Generic Hybrid Encryption Algorithms Generic-hybrid enc... 4.2.1 Generic-Hybrid Identifier: http://www.w3.org/2010/xm... 4.3 Key Encapsulation Algorithms This document specifies tw... 4.3.1 RSAES-KEM Identifier http://www.w3.org/2010/xmlsec-g... 4.3.2 ECIES-KEM Identifier http://www.w3.org/2010/xmlsec-g... 5. Using Key Encapsulation Algorithms for Key Transport Wh... 6. Examples This section is non-normative. 6.1 Key Transpo... 6.1 Key Transport Example The following is a syntactically... 7. Security Considerations Generic hybrid ciphers with key... 8. Conformance An implementation is conformant to this spec... 9. Acknowledgments This section is non-normative. The cont... 10. Schema 10.1 XSD Schema XML Security Generic Hybrid Sc... 10.1 XSD Schema XML Security Generic Hybrid Schema Instanc... 10.2 RNG Schema Non-normative RELAX NG schema [RELAXNG-SCHE... A. References Dated references below are to the latest know... A.1 Normative references [ISO18033-2] Information technolo... [ISO18033-2] [PKCS1] [RFC2119] [XML-NAMES] [XMLDSIG-CORE1] [XMLENC-CORE1] A.2 Informative references [RELAXNG-SCHEMA] Information t... [RELAXNG-SCHEMA] [URI] [XMLSCHEMA-1] [XMLSCHEMA-2] [XMLSEC-RELAXNG]
or

Refinement of the section concerned:

Status:

open proposal pending resolved_yes resolved_no resolved_partial other assigned to Nobody

Type: substantive editorial typo question general comment undefined

Resolution status:

Response drafted Resolution implemented Reply sent to commenter

Response status:

No response from Commenter yet Commenter approved disposition Commenter objected to disposition
Commenter's response (URI):

Comment:

I have to revisit this issue, since a test document gh-example.xml (in
the directory "xml encryption test files")
has

<ds:KeyInfo>
<dsig11:ECKeyValue>
<dsig11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
<dsig11:PublicKey>DEADBEEF</dsig11:PublicKey>
</dsig11:ECKeyValue>
</ds:KeyInfo>

To validate this ECKeyValue element, we need the schema for Signature 1.1.

But this example document might be simply incorrect. I see other errors
such as

Algorithm="http://www.w3.org/2009/xmlenc11#GenericHybridCipher"

which is not a valid algorithm identifer. Is my copy obsolete?

Regards,
Makoto

2011/8/19 MURATA Makoto <eb2m-mrt@asahi-net.or.jp>:
> Agreed.  Thanks.
>
> Regards,
> Makoto
>
> 2011/8/17  <frederick.hirsch@nokia.com>:
>>
>>  Dear MURATA Makoto ,
>>
>> The XML Security Working Group has reviewed the comments you sent [1] on
>> the Last Call Working Draft [2] of the XML Encryption Syntax and Processing
>> Version 1.1 published on 13 May 2010. Thank you for having taken the time
>> to review the document and to send us comments!
>>
>> The Working Group's response to your comment is included below.
>>
>> Please review it carefully and let us know by email at
>> public-xmlsec@w3.org if you agree with it or not before 22 August 2011. In
>> case of disagreement, you are requested to provide a specific solution for
>> or a path to a consensus with the Working Group. If such a consensus cannot
>> be achieved, you will be given the opportunity to raise a formal objection
>> which will then be reviewed by the Director during the transition of this
>> document to the next stage in the W3C Recommendation Track.
>>
>> Thanks,
>>
>> For the XML Security Working Group,
>> Thomas Roessler
>> W3C Staff Contact
>>
>>  1.
>> http://www.w3.org/mid/CALvn5EAQnAT-i4xB0HV+29ta0fp=ijcg77BfofM3o1x44U0jQg@mail.gmail.com
>>  2. http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/
>>
>>
>> =====
>>
>> Your comment on 9.1 XSD Schema XML Encryption Core Schema Instance
>> xenc-sc...:
>>> xenc-schema-11.xsd does not import xmldsig11-schema.xsd but
>>> rather import xmldsigschema.xsd.  However, XML Encryption 1.1
>>> normatively references to XML Signature 1.1 rather than 1.0.
>>> Which is correct?
>>
>>
>> Working Group Resolution (LC-2544):
>> The working group decided to not make any change here as
>> xenc-schema-11.xsd does not require any definitions from
>> xmldsig-11-schema.xsd. All that is required is ds:DigestMethod from
>> xmldsigschmema.xsd; so the current inclusion is correct and does not
>> include unnecessary material.
>>
>> Thus the schema import is correct as is the normative reference to XML
>> SIgnature 1.1 (e.g. to pick up normative changes that are not necessarily
>> reflected by schema changes)
>>
>>
>> ----
>>
>>
>>
>>
>
>
>
> --
>
> Praying for the victims of the Japan Tohoku earthquake
>
> Makoto
>

Related issues: (space separated ids)

WG Notes:

Resolution: File corrected, see http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0001.html Updated file available at http://www.w3.org/2008/xmlsec/Drafts/generic-hybrid-ciphers/gh-example.xml No change was required to the specification itself.

(Please make sure the resolution is adapted for public consumption)