This document provides a summary of non-editorial changes in XML Encryption 1.1 from the XML Encryption Recommendation.
In the case of any difference between this document and the XML Encryption 1.1 specification [[XMLENC-CORE1]], the XML Encryption 1.1 specification is authoritative.
This document summarizes non-editorial changes in XML Encryption 1.1 [[XMLENC-CORE1]] from the XML Encryption Recommendation [[XMLENC-CORE]]. A detailed summary of all changes by document section is also available.
Added support for derived keys, in particular:
RetrievalMethod description to include
ReferenceList description to include
AES-256-pad Symmetric Key Wrap algorithms as OPTIONAL.
SHA-384 Message Digest as OPTIONAL
For all algorithms added, algorithm identifiers and information were added to the specification.
SHA-1 Message Digest to REQUIRED, but DISCOURAGED.
SHA-256 Message Digest to REQUIRED
AES-128-GCM Block Encryption as REQUIRED, added warning about use of CBC block encryption algorithms and reference to paper on attack.
RSA-OAEP Key Transport to be used with arbitrary mask generation functions (e.g. SHA2 based) by defining an additional URI and significantly revising specification text. Added definition of new
AES-GCM Block Encryption description of the algorithm as equivalent to encryption followed by signing.
Encoding attribute in the CipherReference element is defined in XML Signature.
CipherValue element is used.
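
The algorithm status changes listed above can be checked against a deployed message. The following is an added example, not part of the original document or of the specification: it walks an XML Encryption document and labels every Algorithm attribute according to this summary (CBC warning, SHA-1 DISCOURAGED, AES-128-GCM and SHA-256 REQUIRED). The names audit, local, STATUS and SAMPLE are assumptions, the sample document is constructed, and the algorithm URIs are the published XML Encryption and XML Signature identifiers, which do not appear on this page.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
XENC11 = "http://www.w3.org/2009/xmlenc11#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

# Status per algorithm identifier, following the change summary above.
STATUS = {XENC + name: "warn: CBC block encryption"
          for name in ("tripledes-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc")}
STATUS.update({
    DSIG + "sha1": "warn: SHA-1 digest is DISCOURAGED",
    XENC11 + "aes128-gcm": "ok: AES-128-GCM is REQUIRED",
    XENC + "sha256": "ok: SHA-256 is REQUIRED",
})

# Constructed sample: CBC-encrypted payload whose key is wrapped with RSA-OAEP.
SAMPLE = f"""<xenc:EncryptedData xmlns:xenc="{XENC}" xmlns:ds="{DSIG}">
  <xenc:EncryptionMethod Algorithm="{XENC}aes128-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
    <xenc:EncryptionMethod Algorithm="{XENC}rsa-oaep-mgf1p">
      <ds:DigestMethod Algorithm="{DSIG}sha1"/>
    </xenc:EncryptionMethod>
    <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData>"""

def local(tag):  # strip the '{namespace}' prefix ElementTree puts on tag names
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return (owner, element, algorithm URI, status) for every Algorithm attribute."""
    # Fine for this constructed input; parse untrusted XML with a hardened parser.
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    for el in root.iter():
        uri = el.get("Algorithm")
        if uri is None:
            continue
        owner = el  # climb to the enclosing EncryptedData / EncryptedKey
        while owner in parent and local(owner.tag) not in ("EncryptedData", "EncryptedKey"):
            owner = parent[owner]
        findings.append((local(owner.tag), local(el.tag), uri,
                         STATUS.get(uri, "review: not classified here")))
    return findings

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep=" | ")
```

Identifiers the table does not list come back as "review: not classified here" rather than being treated as acceptable, so new or unexpected algorithms surface in the output.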