[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Updated: (OFFICE-3027) Public Comment: ODF1.2 Part 3 Encryption Process and Default Concerns
[ http://tools.oasis-open.org/issues/browse/OFFICE-3027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dennis Hamilton updated OFFICE-3027:
------------------------------------
Proposal:
1. Rename section 3.4.2 to "Encryption Process"
2. Replace the first paragraph of 3.4.2
"""
The encryption process for file entries using the default digest and encryption algorithms has three steps:
"""
with the paragraph
"""
The three stages of the encryption process proceed as follows, using the legacy algorithms to illustrate each stage:
"""
3. In section 4.5 <manifest:algorithm>, replace the second and third (the last two) paragraphs to read
"""
When the manifest:algorithm-name attribute value matches one of those defined in section §3.2 of [xmlenc-core], the <manifest:algorithm> element shall not have child elements except those permitted as child elements of the [xmlenc-core] <EncryptionMethod> element whose Algorithm attribute value is the same as the <manifest:algorithm> manifest:algorithm attribute value.
When the value of the manifest:algorithm attribute identifies the legacy Blowfish algorithm, <manifest:algorithm> shall be an empty element.
"""
4. In section 4.8.1 manifest:algorithm-name
Replace the the first pagraph with
"""
The manifest:algorithm name attribute identifies the algorithm and mode used to encrypt a file entry.
"""
Move the third bullet to the beginning of the bulleted list. Change it to read
"""
* An IRI listed in §5.2 of [xmlenc-core]: The algorithm and mode specified in §5.2 of [xmlenc-core]: for this IRI.
"""
The last parapgraph of 4.8.1 is not a list item. Make it a final paragraph and reword it as follows:
"""
Package producers and consumers shall support the AES-128 CBC algorithm and mode identified by value http://www.w3.org/2001/04/xmlenc#aes128-cbc. The legacy Blowfish algorithm need not be supported. [Note: Suport of the Blowfish algorithm by package consumers provides compatibility with existing applications and documents conforming to earlier versions of this specification.]
"""
5. In 3.4.1 General, Delete the following sentences from the second paragraph:
"""
Package consumers and producers that support encryption shall support the digest and encryption algorithms defined in 3.4.2. They may support additional algorithms.
"""
was:
1. Rename section 3.4.2 to "Encryption Process"
2. Replace the first paragraph of 3.4.2
"""
The encryption process for file entries using the default digest and encryption algorithms has three steps:
"""
with the paragraph
"""
The three stages of the encryption process proceed as follows, using the legacy algorithms to illustrate each stage:
"""
3. In section 4.5 <manifest:algorithm>, replace the second and third (the last two) paragraphs to read
"""
When the manifest:algorithm-name attribute value matches one of those defined in section §3.2 of [xmlenc-core], the <manifest:algorithm> element shall not have child elements except those permitted as child elements of the [xmlenc-core] <EncryptionMethod> element whose Algorithm attribute value is the same as the <manifest:algorithm> manifest:algorithm attribute value.
When the value of the manifest:algorithm attribute identifies the legacy Blowfish algorithm, <manifest:algorithm> shall be an empty element.
"""
4. In section 4.8.1 manifest:algorithm-name
Replace the the first pagraph with
"""
The manifest:algorithm name attribute identifies the algorithm and mode used to encrypt a file entry.
"""
Move the third bullet to the beginning of the bulleted list. Change it to read
"""
* An IRI listed in §5.2 of [xmlenc-core]: The algorithm and mode specified in §5.2 of [xmlenc-core]: for this IRI.
"""
The last parapgraph of 4.8.1 is not a list item. Make it a final paragraph and reword it as follows:
"""
Package producers and consumers shall support the AES-128 CBC algorithm and mode identified by value http://www.w3.org/2001/04/xmlenc#aes128-cbc. The legacy Blowfish algorithm need not be supported. [Note: Suport of the Blowfish algorithm by package consumers provides compatibility with existing applications and documents conforming to earlier versions of this specification.]
"""
5. In 3.4.1 General, Delete the following sentences from the second paragraph:
"""
Package consumers and producers that support encryption shall support the digest and encryption algorithms defined in 3.4.2. They may support additional algorithms.
"""
6. In section 4.8.9 manifest:key-derivation-name, in the first list item, replace the text
"""
The PBKDF2 key derivation method.
"""
with
"""
The PBKDF2 key derivation method with HMAC-SHA-1 Pseudo-Random Function (PRF).
"""
[Note: This was discovered as part of reviewing the changes to 3.4.2.]
Resolution:
1. Rename section 3.4.2 to "Encryption Process"
2. Replace the first paragraph of 3.4.2
"""
The encryption process for file entries using the default digest and encryption algorithms has three steps:
"""
with the paragraph
"""
The three stages of the encryption process proceed as follows, using the legacy algorithms to illustrate each stage:
"""
3. In section 4.5 <manifest:algorithm>, replace the second and third (the last two) paragraphs to read
"""
When the manifest:algorithm-name attribute value matches one of those defined in section §3.2 of [xmlenc-core], the <manifest:algorithm> element shall not have child elements except those permitted as child elements of the [xmlenc-core] <EncryptionMethod> element whose Algorithm attribute value is the same as the <manifest:algorithm> manifest:algorithm attribute value.
When the value of the manifest:algorithm attribute identifies the legacy Blowfish algorithm, <manifest:algorithm> shall be an empty element.
"""
4. In section 4.8.1 manifest:algorithm-name
Replace the the first pagraph with
"""
The manifest:algorithm name attribute identifies the algorithm and mode used to encrypt a file entry.
"""
Move the third bullet to the beginning of the bulleted list. Change it to read
"""
* An IRI listed in §5.2 of [xmlenc-core]: The algorithm and mode specified in §5.2 of [xmlenc-core]: for this IRI.
"""
The last parapgraph of 4.8.1 is not a list item. Make it a final paragraph and reword it as follows:
"""
Package producers and consumers shall support the AES-128 CBC algorithm and mode identified by value http://www.w3.org/2001/04/xmlenc#aes128-cbc. The legacy Blowfish algorithm need not be supported. [Note: Suport of the Blowfish algorithm by package consumers provides compatibility with existing applications and documents conforming to earlier versions of this specification.]
"""
5. In 3.4.1 General, Delete the following sentences from the second paragraph:
"""
Package consumers and producers that support encryption shall support the digest and encryption algorithms defined in 3.4.2. They may support additional algorithms.
"""
Took the refined proposal as the resolution.
> Public Comment: ODF 1.2 Part 3 Encryption Process and Default Concerns
> ----------------------------------------------------------------------
>
> Key: OFFICE-3027
> URL: http://tools.oasis-open.org/issues/browse/OFFICE-3027
> Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
> Issue Type: Sub-task
> Components: Part 3 (Packages), Public Review, Security
> Affects Versions: ODF 1.2 CD 05
> Reporter: Dennis Hamilton
> Assignee: Dennis Hamilton
> Fix For: ODF 1.2 CD 06
>
>
> There are clarifications requested for portions of the Encryption process, with objection to the Blowfish default and proposal of an AES default.
> The full text is in the second attachment to the public comment posting at
> <http://lists.oasis-open.org/archives/office/201006/msg00071.html>.
> Here is the Complete Text extracted from the Microsoft Word Format document linked in the original comment:
> """
> Forslag til ændringer i ODF 1.2 Part 3:
> For
> * Section 2.4.2 [CD05 3.4.2] Default Encryption algorithm:
> Since the section deals with the steps involved in encrypting and not
> so much the encryption algorithm itself, I suggest changing the name
> of the section to "Encryption process".
> * Section 2.8 [CD05 3.8] Preview Image
> Simply editorial, but the last sentence should start with the word
> "They" and not "The". Also, there seems to be an extra [space] between
> the words "is" and "independant".
> * Section 3.5 [CD05 4.5] <manifest:algorithm>
> I propose to change section 3.5 [CD05 4.5] to the following:
> [Section 3.5 [CD05 4.5] start]
> The <manifest:algorithm> element specifies the algorithm used to encrypt data.
> The <manifest:algorithm>-element SHALL only contain child elements
> that are permitted child elements of an <EncryptionMethod> element as
> defined in §3.2 of [xmlenc-core], whose Algorithm-attribute has the
> value of the manifest:algorithm-name attribute.
> If the value of the manifest:algorithm-name attribute is Blowfish CFB
> the <manifest:algorithm> element shall not have child elements.
> (section describing schema at the end of the section remains the same)
> [Section 3.5 [CD05 4.5] end]
> Justification:
> The idea is basically to promote "standard" algorithms and XML
> constructs as those mentioned in [xmlenc-core] to "first class
> citizens" of ODF while making usage of Blowfish a second class citizen
> - while acknowledging that there are documents and applications out
> there using Blowfish.
> I have specifically chosen to substitute " SHOULD only contain child
> elements" with " SHALL only contain child elements" since I see no
> need for the more lose "should"-term. The definition of
> EncryptionMethod from xmlenc-core consists of optional child elements,
> so this fits nicely with "no child elements" when dealing with
> Blowfish. I believe a more strict set of element rules would
> facilitate interop better than the current lax way of specifying
> elements.
> * Section 3.8.1 [CD05 4.8.1] manifest:algorithm-name
> I like the idea of reusing already standardised functionality in "XML
> Encryption Syntax and Processing". Especially the reusage of the
> xmlenc-core way of specifiying algorithms look really good and
> facilitate interoperability and reuse of existing implementations of
> encryption algorithms in the best possible way.
> However, I do not understand the need to persist Blowfish as the
> preferred, default algorithm. I also do not understand the need to
> include usage of Blowfish in the list of possible algorithms complying
> with "standard OpenDocument conformance" (and not making it extended
> conformance) - especially since the creator of Blowfish (Bruce
> Schneier) himself discourages the usage of Blowfish today to other
> alternatives.
> I therefore propose the entire paragraph to be changed to:
> [Section 3.8.1 [CD05 4.8.1] start]
> The manifest:algorithm-name attribute specifies the name of the
> algorithm used to encrypt a file entry, and also specifies in which
> mode this algorithm was used.
> Defined values for the manifest:algorithm-name attribute are:
> * An IRI listed in §5.2 or §5.3 of [xmlenc-core]: The algorithm
> specified in §5.2 or §5.3 of [xmlenc-core] for this IRI, or
> * The IRI of an alternative algorithm as specified in §5.1 of [xmlenc-core].
> To maintain compatibility with existing applications and documents
> conforming to earlier versions of this specification, an application
> may support Blowfish in CBC-code. The defined values for this
> algorithm are "Blowfish CBC" or
> "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#blowfish" See
> [Blowfish].
> Package producers and package consumers that support encryption shall
> support AES-128 CBC using the value
> http://www.w3.org/2001/04/xmlenc#aes128-cbc.
> Alternative algorithms other than an IRI listed in §5.2 or §5.3 of
> [xmlenc-core] may be specified by extended conforming documents only.
> They shall not be specified by conforming documents.
> (section describing schema at the end of the section remains the same)
> [Section 3.8.1 [CD05 4.8.1] end]
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]