This document provides a summary of non-editorial changes in XML Encryption 1.1 from the XML Encryption Recommendation.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/.
In the case of any difference between this document and the XML Encryption 1.1 specification [XMLENC-CORE1], the XML Encryption 1.1 specification is authoritative.
This document was published by the XML Security Working Group as a Working Group Note. If you wish to make comments regarding this document, please send them to firstname.lastname@example.org (subscribe, archives). All comments are welcome.
Publication as a Working Group Note does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
This document summarizes non-editorial changes in XML Encryption 1.1 [XMLENC-CORE1] from the XML Encryption Recommendation [XMLENC-CORE].
Added support for derived keys, in particular:
RetrievalMethoddescription to include
ReferenceListdescription to include
AES-256-padSymmetric Key Wrap algorithms as optional.
SHA-384Message Digest as optional
For all algorithms added, algorithm identifiers and information were added to the specification.
SHA-1Message Digest to required, but DISCOURAGED.
SHA-256Message Digest to required
AES-128-GCMBlock Encryption as required, added warning about use of CBC block encryption algorithms and reference to paper on attack.
RSA-OAEPKey Transport to be used with arbitrary mask generation functions (e.g.
SHA2based) by defining an additional
URIand significantly revising specification text. Added definition of new
AES-GCMBlock Encryption description of the algorithm as equivalent to encryption followed by signing.
Encodingattribute in the
CipherReferenceelement is defined in XML Signature.
CipherValueelement is used.
Dated references below are to the latest known or appropriate edition of the referenced work. The referenced works may be subject to revision, and conformant implementations may follow, and are encouraged to investigate the appropriateness of following, some or all more recent editions or replacements of the works cited. It is in each case implementation-defined which editions are supported.