OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Request for comment on W3C Last Call of XML Encryption 1.1, XML Security Generic Hybrid Ciphers and XML Signature 1.1

I brought this up as an issue whereby WS-SX (and other TCs) should
provide for flexibility with namespaces;  this was prompted by the FIPS
180-3 requirements to sunset SHA-1 by the end of the year.

Relevant URIs include:
http://www.w3.org/2000/09/xmldsig# (ds: dsig:)
http://www.w3.org/2009/xmldsig11# (dsig11:)
http://www.w3.org/2001/04/xmldsig-more# (RFC 4051
http://www.ietf.org/rfc/rfc4051.txt)
http://www.w3.org/2008/xmlsec/experimental# (dsig2:)

-----Original Message-----
From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] 
Sent: Thursday, May 20, 2010 7:09 AM
To: ws-sx@lists.oasis-open.org
Cc: Frederick.Hirsch@nokia.com
Subject: [ws-sx] Request for comment on W3C Last Call of XML Encryption
1.1, XML Security Generic Hybrid Ciphers and XML Signature 1.1


The W3C XML Security working group [1]  has published three W3C Last
Call  [2] working drafts, indicating that the Working Group considers
them complete, that they  have met requirements and it is appropriate to
seek comment.  The deadline for comment is 10 June 2010. The documents
are the following:

(1) XML Encryption 1.1 [3]:

The working group has updated the  original 2002 XML Encryption
specification to an XML Encryption 1.1 draft.  The update includes
clarifications, editorial corrections, addition of mandatory to
implement Elliptic Curve Diffie-Hellman Key Agreement, support for Key
Derivation, requiring SHA-256 and discouraging use of SHA-1 and other
changes; complete details of the changes are at [4].

(2)  XML Security Generic Hybrid Ciphers [5]:

This is a new specification that augments XML Encryption Version 1.1 by
defining algorithms, XML types and elements necessary to enable use of
generic hybrid ciphers in XML Security applications. 

(3) XML Signature 1.1 [6]:

The WG also published a second Last Call for XML Signature 1.1, with the
only substantive changes being the result of  comments from the previous
Last Call, as noted in the status section of that document. To note are
the addition of the KeyInfoReference element and a correction related to
the use of Derived Keys.

The deadline is 10 June for comments. Please send any comment to the
public comment list at  public-xmlsec@w3.org (archived at
http://lists.w3.org/Archives/Public/public-xmlsec/ ).

The WG also published an updated draft of the XML Security Algorithms
Cross-Reference [7], to add Generic Hybrid Cipher algorithm information.

regards, Frederick

Frederick Hirsch, Nokia
Chair, W3C XML Security WG

[1] http://www.w3.org/2008/xmlsec/

[2] http://www.w3.org/2005/10/Process-20051014/tr.html#last-call

[3] http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/

[4] http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/explain.html

[5] http://www.w3.org/TR/2010/WD-xmlsec-generic-hybrid-20100513/

[6] http://www.w3.org/TR/2010/WD-xmldsig-core1-20100513/

[7] http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100513/
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]