Re: RfC: Three Last Call WDs by the XML Security WG; deadline 11-May-2010

[Frederick.Hirsch]

Minor correction, the  Last Call period ends 10 June. 

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG



On May 17, 2010, at 11:03 AM, ext Arthur Barstow wrote:

> Below is a request to the WebApps WG for comments on 3 LCWDs produced  
> by the XML Security WG:
> 
> [[
> This is a first Last Call for XML Encryption and Generic Hybrid  
> Ciphers specifications.
> 
> This is a second Last Call for XML Signature 1.1, with the only  
> substantive changes being the result of Last Call feedback, as noted  
> in the status section of that document.
> ]]
> 
> The comment deadline is June 11 and comments should be sent to:
> 
>  public-xml...@w3.org
>  http://lists.w3.org/Archives/Public/public-xmlsec/
> 
> -Art Barstow
> 
> Begin forwarded message:
> 
>> From: "Hirsch Frederick (Nokia-CIC/Boston)"  
>> 
>> Date: May 17, 2010 10:48:05 AM EDT
>> To: "cha...@w3.org" 
>> Cc: "Hirsch Frederick (Nokia-CIC/Boston)"  
>> , "t...@w3.org" 
>> Subject: Transition Announcement: Last Call WD of XML Encryption  
>> 1.1, XML Security Generic Hybrid Ciphers and XML Signature 1.1
>> Archived-At: > e95c-4935-96be-1464cbc4e...@nokia.com>
>> 
>> 1) This is a Last Call Working Draft transition announcement for  
>> three Recommendation track specifications.
>> 
>> This is a first Last Call for XML Encryption and Generic Hybrid  
>> Ciphers specifications. This is a second Last Call for XML  
>> Signature 1.1, with the only substantive changes being the result  
>> of Last Call feedback, as noted in the status section of that  
>> document.
>> 
>> (2) Document title, URIs.
>> 
>> 2a) XML Encryption Syntax and Processing Version 1.1
>> 
>> http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/
>> 
>> 2b) XML Security Generic Hybrid Ciphers
>> 
>> http://www.w3.org/TR/2010/WD-xmlsec-generic-hybrid-20100513/
>> 
>> 2c) XML Signature Syntax and Processing Version 1.1
>> 
>> http://www.w3.org/TR/2010/WD-xmldsig-core1-20100513/
>> 
>> (3) Instructions for providing feedback.
>> 
>> If you wish to make comments regarding these documents, please send  
>> them to public-xml...@w3.org. The list is archived at http:// 
>> lists.w3.org/Archives/Public/public-xmlsec/
>> 
>> (4) Review end date.
>> 
>> This Last Call period is for four weeks and will end 10 June 2010.
>> 
>> (5) A reference to the group's decision to make this transition.
>> 
>> The XML Security agreed to making this Last Call transition at its  
>> teleconference on 11 May 2010, see http://www.w3.org/2010/05/11- 
>> xmlsec-minutes.html#item06
>> 
>> (6) Evidence that the document satisfies group's requirements.  
>> Include a link to requirements
>> 
>> The XML Security Working Group believe this document satisfies the  
>> XML Encryption and XML Signature requirements as outlined in the   
>> XML Security 1.1 Requirements and Design Considerations  document,  
>> see http://www.w3.org/TR/2010/WD-xmlsec-reqs-20100204/
>> 
>> (7) The names of groups with dependencies, explicitly inviting  
>> review from them.
>> 
>> 7a) Web Applications Working Group (WebApps), http://www.w3.org/ 
>> 2008/webapps/
>> 
>> The Web Applications Working Group " Digital Signatures for  
>> Widgets" specification has a dependency on XML Signature 1.1,  
>> however the
>> substantive changes in XML Signature 1.1 are for features not used  
>> by  that specification ( http://www.w3.org/TR/2010/WD-widgets- 
>> digsig-20100511/
>> ). The XML Security Working Group requests review from the Web  
>> Applications WG of the XML Signature 1.1 Last Call specification,
>> 
>> 7b) Efficient XML Interchange Working Group (EXI), http:// 
>> www.w3.org/XML/EXI/
>> 
>> The XML Security WG has made changes to the XML Encryption 1.1  
>> specification to clarify use with EXI formats. The XML Security  
>> Working Group requests EXI WG review of XML Encryption 1.1 Last  
>> Call specification.
>> 
>> (8) Report of any Formal Objections
>> 
>> The Working Group has received no formal objections.
>> 
>> The Working Group has noted the following in the Status of the  
>> Document in XML Signature 1.1 and XML Encryption 1.1:
>> 
>> "This Last Call Working Draft includes the ECDSAwithSHA256  
>> signature  algorithm, which is ECDSA over the P-256 prime curve  
>> specified in  Section D.2.3 of FIPS 186-3 [FIPS-186-3] (and using  
>> the SHA-256 hash algorithm), as a mandatory to implement algorithm.  
>> The Working Group  may request transition to Candidate  
>> Recommendation with this feature  marked as "at risk". If issues  
>> about deployment of this feature are raised during Candidate  
>> Recommendation, the group may elect to make this feature optional."
>> 
>> (9) A link to a patent disclosure page.
>> 
>> http://www.w3.org/2004/01/pp-impl/42458/status
>> 
>> The WG is also publishing an update to the "XML Security Algorithm  
>> Cross-Reference", intended to become a Working Group Note, http:// 
>> www.w3.org/TR/2010/WD-xmlsec-algorithms-20100513/
>> .
>> 
>> reg

RfC: Three Last Call WDs by the XML Security WG; deadline 11-May-2010

[Arthur Barstow]

Below is a request to the WebApps WG for comments on 3 LCWDs produced  
by the XML Security WG:


[[
This is a first Last Call for XML Encryption and Generic Hybrid  
Ciphers specifications.


This is a second Last Call for XML Signature 1.1, with the only  
substantive changes being the result of Last Call feedback, as noted  
in the status section of that document.

]]

The comment deadline is June 11 and comments should be sent to:

 public-xml...@w3.org
 http://lists.w3.org/Archives/Public/public-xmlsec/

-Art Barstow

Begin forwarded message:

From: "Hirsch Frederick (Nokia-CIC/Boston)"  


Date: May 17, 2010 10:48:05 AM EDT
To: "cha...@w3.org" 
Cc: "Hirsch Frederick (Nokia-CIC/Boston)"  
, "t...@w3.org" 
Subject: Transition Announcement: Last Call WD of XML Encryption  
1.1, XML Security Generic Hybrid Ciphers and XML Signature 1.1
Archived-At: 


1) This is a Last Call Working Draft transition announcement for  
three Recommendation track specifications.


This is a first Last Call for XML Encryption and Generic Hybrid  
Ciphers specifications. This is a second Last Call for XML  
Signature 1.1, with the only substantive changes being the result  
of Last Call feedback, as noted in the status section of that  
document.


(2) Document title, URIs.

2a) XML Encryption Syntax and Processing Version 1.1

http://www.w3.org/TR/2010/WD-xmlenc-core1-20100513/

2b) XML Security Generic Hybrid Ciphers

http://www.w3.org/TR/2010/WD-xmlsec-generic-hybrid-20100513/

2c) XML Signature Syntax and Processing Version 1.1

http://www.w3.org/TR/2010/WD-xmldsig-core1-20100513/

(3) Instructions for providing feedback.

If you wish to make comments regarding these documents, please send  
them to public-xml...@w3.org. The list is archived at http:// 
lists.w3.org/Archives/Public/public-xmlsec/


(4) Review end date.

This Last Call period is for four weeks and will end 10 June 2010.

(5) A reference to the group's decision to make this transition.

The XML Security agreed to making this Last Call transition at its  
teleconference on 11 May 2010, see http://www.w3.org/2010/05/11- 
xmlsec-minutes.html#item06


(6) Evidence that the document satisfies group's requirements.  
Include a link to requirements


The XML Security Working Group believe this document satisfies the  
XML Encryption and XML Signature requirements as outlined in the   
XML Security 1.1 Requirements and Design Considerations  document,  
see http://www.w3.org/TR/2010/WD-xmlsec-reqs-20100204/


(7) The names of groups with dependencies, explicitly inviting  
review from them.


7a) Web Applications Working Group (WebApps), http://www.w3.org/ 
2008/webapps/


The Web Applications Working Group " Digital Signatures for  
Widgets" specification has a dependency on XML Signature 1.1,  
however the
substantive changes in XML Signature 1.1 are for features not used  
by  that specification ( http://www.w3.org/TR/2010/WD-widgets- 
digsig-20100511/
 ). The XML Security Working Group requests review from the Web  
Applications WG of the XML Signature 1.1 Last Call specification,


7b) Efficient XML Interchange Working Group (EXI), http:// 
www.w3.org/XML/EXI/


The XML Security WG has made changes to the XML Encryption 1.1  
specification to clarify use with EXI formats. The XML Security  
Working Group requests EXI WG review of XML Encryption 1.1 Last  
Call specification.


(8) Report of any Formal Objections

The Working Group has received no formal objections.

The Working Group has noted the following in the Status of the  
Document in XML Signature 1.1 and XML Encryption 1.1:


"This Last Call Working Draft includes the ECDSAwithSHA256  
signature  algorithm, which is ECDSA over the P-256 prime curve  
specified in  Section D.2.3 of FIPS 186-3 [FIPS-186-3] (and using  
the SHA-256 hash algorithm), as a mandatory to implement algorithm.  
The Working Group  may request transition to Candidate  
Recommendation with this feature  marked as "at risk". If issues  
about deployment of this feature are raised during Candidate  
Recommendation, the group may elect to make this feature optional."


(9) A link to a patent disclosure page.

http://www.w3.org/2004/01/pp-impl/42458/status

The WG is also publishing an update to the "XML Security Algorithm  
Cross-Reference", intended to become a Working Group Note, http:// 
www.w3.org/TR/2010/WD-xmlsec-algorithms-20100513/

 .

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG