- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Mon, 1 Mar 2010 09:06:54 -0500
- To: ext Magnus Nystrom <mnystrom@microsoft.com>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, "XMLSec WG Public List (public-xmlsec@w3.org)" <public-xmlsec@w3.org>
Thanks Magnus, this is what I thought the change should be. I'll update the editors draft, since what we currently have is clearly incorrect (ACTION-532). This should address ISSUE-188. If anyone has any concern with this resolution, please indicate so before our call tomorrow. regards, Frederick Frederick Hirsch Nokia On Mar 1, 2010, at 12:09 AM, ext Magnus Nystrom wrote: > Dear all, > This is in response to ACTION-528 that was assigned to me during > this week’s call. > > I reviewed the latest XML DSig draft and the latest XML Enc draft. I > am not sure when the text in Section 4.5.8 of XML DSig 1.1 got > added, but it is, as Frederick noticed, clearly not correct. I > suggest a change to: > > “ > 4.5.8 XML Encryption EncryptedKey and DerivedKey Elements > The <xenc:EncryptedKey> and <xenc11:DerivedKey> elements defined in > [XMLENC-CORE1] as children ofds:KeyInfo can be used to convey in- > band encrypted or derived key material. In particular, the > <xenc:DerivedKey> element may be present when the key used in > calculating a Message Authentication Code is derived from a shared > secret. > “ > > Also, I noted that the current draft of XML Enc 1.1 (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/) > does not link to the 1.1 schema (of which I found one copy at: http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema-11.xsd) > , but rather twice to the 1.0 schema (at http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/xenc-schema.xsd) > > -- Magnus >
Received on Monday, 1 March 2010 14:07:38 UTC