This document provides a summary of non-editorial changes in XML Encryption 1.1 from the XML Encryption Recommendation.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/.
In the case of any difference between this document and the XML Encryption 1.1 specification [XMLENC-CORE1], the XML Encryption 1.1 specification is authoritative.
This document was published by the XML Security Working Group as a Working Group Note. If you wish to make comments regarding this document, please send them to firstname.lastname@example.org (subscribe, archives). All comments are welcome.
Publication as a Working Group Note does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
This document summarizes non-editorial changes in XML Encryption 1.1 [XMLENC-CORE1] from the XML Encryption Recommendation [XMLENC-CORE].
Added support for derived keys, in particular:
RetrievalMethod description to include
ReferenceList description to include
AES-256-pad Symmetric Key Wrap
algorithms as optional.
SHA-384 Message Digest as optional
PBKDF2 as optional.
For all algorithms added, algorithm identifiers and information were added to the specification.
SHA-1 Message Digest to required, but DISCOURAGED.
SHA-256 Message Digest to required
AES-128-GCM Block Encryption as required,
added warning about
use of CBC
block encryption algorithms and reference to paper on attack.
RSA-OAEP Key Transport to be used with
based) by defining an
URI and significantly
revising specification text. Added definition of
AES-GCM Block Encryption description of the
algorithm as equivalent to
encryption followed by signing.
Encoding attribute in the
Transforms in the
CipherReference element is defined in XML Signature.
CipherValue element is used.
Dated references below are to the latest known or appropriate edition of the referenced work. The referenced works may be subject to revision, and conformant implementations may follow, and are encouraged to investigate the appropriateness of following, some or all more recent editions or replacements of the works cited. It is in each case implementation-defined which editions are supported.