| < draft-eastlake-additional-xmlsec-uris-09.txt | draft-eastlake-additional-xmlsec-uris-10.txt > | |||
|---|---|---|---|---|
| INTERNET-DRAFT Donald Eastlake | INTERNET-DRAFT Donald Eastlake | |||
| Obsoletes: 4051 Huawei | Obsoletes: 4051 Huawei | |||
| Intended Status: Proposed Standard | Intended Status: Proposed Standard | |||
| Expires: August 8, 2013 February 9, 2013 | Expires: September 26, 2013 March 27, 2013 | |||
| Additional XML Security Uniform Resource Identifiers (URIs) | Additional XML Security Uniform Resource Identifiers (URIs) | |||
| <draft-eastlake-additional-xmlsec-uris-09.txt> | <draft-eastlake-additional-xmlsec-uris-10.txt> | |||
| Abstract | Abstract | |||
| This document obsoletes RFC 4051, expanding and updating the list of | This document obsoletes RFC 4051, expanding, updating, and | |||
| URIs intended for use with XML Digital Signatures, Encryption, | esatablishing an IANA Registry for the list of URIs intended for use | |||
| Canonicalization, and Key Management. These URIs identify algorithms | with XML Digital Signatures, Encryption, Canonicalization, and Key | |||
| and types of information. | Management. These URIs identify algorithms and types of information. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Distribution of this document is unlimited. Comments should be sent | Distribution of this document is unlimited. Comments should be sent | |||
| to the author. | to the author. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
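Review bot: The revised Abstract in -10 misspells "establishing" as "esatablishing" in "expanding, updating, and esatablishing an IANA Registry". Fix the spelling before the next revision, since the Abstract is the text that gets copied into announcements and indexes.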
| skipping to change at page 2, line 9 ¶ | skipping to change at page 2, line 9 ¶ | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/1id-abstracts.html. The list of Internet-Draft | http://www.ietf.org/1id-abstracts.html. The list of Internet-Draft | |||
| Shadow Directories can be accessed at | Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Table of Contents | Table of Contents | |||
| Acknowledgements...........................................4 | 1. Introduction............................................4 | |||
| 1. Introduction............................................5 | ||||
| 1.1 Terminology...........................................5 | 1.1 Terminology...........................................5 | |||
| 1.2 Acronyms..............................................6 | 1.2 Acronyms..............................................5 | |||
| 2. Algorithms..............................................7 | 2. Algorithms..............................................6 | |||
| 2.1 DigestMethod (Hash) Algorithms........................7 | 2.1 DigestMethod (Hash) Algorithms........................6 | |||
| 2.1.1 MD5.................................................7 | 2.1.1 MD5.................................................6 | |||
| 2.1.2 SHA-224.............................................8 | 2.1.2 SHA-224.............................................7 | |||
| 2.1.3 SHA-384.............................................8 | 2.1.3 SHA-384.............................................7 | |||
| 2.1.4 Whirlpool...........................................8 | 2.1.4 Whirlpool...........................................7 | |||
| 2.1.5 SHA-3...............................................9 | 2.1.5 New SHA Functions...................................8 | |||
| 2.2 SignatureMethod MAC Algorithms........................9 | 2.2 SignatureMethod MAC Algorithms........................8 | |||
| 2.2.1 HMAC-MD5............................................9 | 2.2.1 HMAC-MD5............................................8 | |||
| 2.2.2 HMAC SHA Variations................................10 | 2.2.2 HMAC SHA Variations.................................9 | |||
| 2.2.3 HMAC-RIPEMD160.....................................10 | 2.2.3 HMAC-RIPEMD160......................................9 | |||
| 2.3 SignatureMethod Public Key Signature Algorithms......11 | 2.3 SignatureMethod Public Key Signature Algorithms......10 | |||
| 2.3.1 RSA-MD5............................................11 | 2.3.1 RSA-MD5............................................10 | |||
| 2.3.2 RSA-SHA256.........................................12 | 2.3.2 RSA-SHA256.........................................11 | |||
| 2.3.3 RSA-SHA384.........................................12 | 2.3.3 RSA-SHA384.........................................11 | |||
| 2.3.4 RSA-SHA512.........................................12 | 2.3.4 RSA-SHA512.........................................11 | |||
| 2.3.5 RSA-RIPEMD160......................................13 | 2.3.5 RSA-RIPEMD160......................................11 | |||
| 2.3.6 ECDSA-SHA*, ECDSA-RIPEMD160, ECDSA-Whirlpool.......13 | 2.3.6 ECDSA-SHA*, ECDSA-RIPEMD160, ECDSA-Whirlpool.......12 | |||
| 2.3.7 ESIGN-SHA1.........................................14 | 2.3.7 ESIGN-SHA*.........................................12 | |||
| 2.3.8 RSA-Whirlpool......................................14 | 2.3.8 RSA-Whirlpool......................................13 | |||
| 2.3.9 RSASSA-PSS With Parameters.........................14 | 2.3.9 RSASSA-PSS With Parameters.........................13 | |||
| 2.3.10 RSASSA-PSS Without Parameters.....................16 | 2.3.10 RSASSA-PSS Without Parameters.....................15 | |||
| 2.3.11 RSA-SHA224........................................16 | 2.3.11 RSA-SHA224........................................15 | |||
| 2.4 Minimal Canonicalization.............................17 | 2.4 Minimal Canonicalization.............................16 | |||
| 2.5 Transform Algorithms.................................17 | 2.5 Transform Algorithms.................................16 | |||
| 2.5.1 XPointer...........................................17 | 2.5.1 XPointer...........................................16 | |||
| 2.6 EncryptionMethod Algorithms..........................18 | 2.6 EncryptionMethod Algorithms..........................17 | |||
| 2.6.1 ARCFOUR Encryption Algorithm.......................18 | 2.6.1 ARCFOUR Encryption Algorithm.......................17 | |||
| 2.6.2 Camellia Block Encryption..........................18 | 2.6.2 Camellia Block Encryption..........................17 | |||
| 2.6.3 Camellia Key Wrap..................................19 | 2.6.3 Camellia Key Wrap..................................18 | |||
| 2.6.4 PSEC-KEM...........................................19 | 2.6.4 PSEC-KEM...........................................18 | |||
| 2.6.5 SEED Block Encryption..............................20 | 2.6.5 SEED Block Encryption..............................19 | |||
| 2.6.6 SEED Key Wrap......................................20 | 2.6.6 SEED Key Wrap......................................19 | |||
| 3. KeyInfo................................................22 | 3. KeyInfo................................................20 | |||
| 3.1 PKCS #7 Bag of Certificates and CRLs.................22 | 3.1 PKCS #7 Bag of Certificates and CRLs.................20 | |||
| 3.2 Additional RetrievalMethod Type Values...............22 | 3.2 Additional RetrievalMethod Type Values...............20 | |||
| 4. Indexes................................................23 | 4. Indexes................................................21 | |||
| 4.1 Fragment Index.......................................23 | 4.1 Fragment Index.......................................21 | |||
| 4.2 URI Index............................................26 | 4.2 URI Index............................................24 | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Table of Contents (continued) | Table of Contents (continued) | |||
| 5. Allocation Considerations..............................30 | 5. Allocation Considerations..............................28 | |||
| 5.1 W3C Allocation Considerations........................30 | 5.1 W3C Allocation Considerations........................28 | |||
| 5.1 IANA Considerations..................................30 | 5.1 IANA Considerations..................................28 | |||
| 6. Security Considerations................................31 | ||||
| Appendix A: Changes from RFC 4051.........................32 | ||||
| Appendix Z: Change History................................33 | ||||
| Normative References......................................35 | ||||
| Informational References..................................38 | ||||
| Author's Address..........................................40 | ||||
| INTERNET-DRAFT Additional XML Security URIs | 6. Security Considerations................................29 | |||
| Acknowledgements | Acknowledgements..........................................30 | |||
| The contributions of the following to this document, listed in | Appendix A: Changes from RFC 4051.........................31 | |||
| alphabetic order, are gratefully acknowledged: Ernst Giessmann, | Appendix Z: Change History................................32 | |||
| Frederick Hirsch, Bjoern Hoehrmann, Russ Housley, Charlie Kaufman, | ||||
| Konrad Lanz, Peter Lipp, HwanJin Lee, Thomas Roessler, Hanseong Ryu, | ||||
| Peter Saint-Andre, and Sean Turner. | ||||
| The following contributors to [RFC4051], on which this document is | Normative References......................................34 | |||
| based, are gratefully acknowledged: Glenn Adams, Merlin Hughs, Gregor | Informational References..................................37 | |||
| Karlinger, Brian LaMachia, Shiho Moriai, Joseph Reagle, Russ Housley, | ||||
| and Joel Halpern. | ||||
| The document was prepared in raw nroff. All macros used were defined | Author's Address..........................................39 | |||
| within the source file. | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 1. Introduction | 1. Introduction | |||
| XML Digital Signatures, Canonicalization, and Encryption have been | XML Digital Signatures, Canonicalization, and Encryption have been | |||
| standardized by the W3C and by the joint IETF/W3C XMLDSIG working | standardized by the W3C and by the joint IETF/W3C XMLDSIG working | |||
| group [W3C]. All of these are now W3C Recommendations and IETF | group [W3C]. All of these are now W3C Recommendations and some are | |||
| Informational or Standards Track documents. They are available as | also IETF RFCs. They are available as follows: | |||
| follows: | ||||
| IETF level W3C REC Topic | IETF level W3C REC Topic | |||
| ----------- ------- ----- | ----------- ------- ----- | |||
| [RFC3275] Draft Std [XMLDSIG] XML Digital Signatures | [RFC3275] Draft Std [XMLDSIG10] XML Digital Signatures | |||
| [RFC3076] Info [CANON] Canonical XML 1.0 | [RFC3076] Info [CANON10] Canonical XML | |||
| - - - - - - [XMLENC] XML Encryption | - - - - - - [XMLENC10] XML Encryption 1.0 | |||
| [RFC3741] Info [XCANON] Exclusive XML Canonicalization 1.0 | [RFC3741] Info [XCANON] Exclusive XML Canonicalization 1.0 | |||
| All of these standards and recommendations use URIs [RFC3986] to | All of these standards and recommendations use URIs [RFC3986] to | |||
| identify algorithms and keying information types. The W3C has | identify algorithms and keying information types. The W3C has | |||
| subsequently produced updated XML Signature 1.1 [XMLDSIG] and XML | subsequently produced updated XML Signature 1.1 [XMLDSIG11], | |||
| Encryption 1.1 [XMLENC} versions as well as a new XML Signature | Canonical XML 1.1 [CANON11], and XML Encryption 1.1 [XMLENC11] | |||
| Properties specification [XMLDSIG-PROP]. | versions as well as a new XML Signature Properties specification | |||
| [XMLDSIG-PROP]. | ||||
| All camel case element names herein, such as DigestValue, are from | ||||
| these documents. | ||||
| This document is an updated convenient reference list of URIs and | This document is an updated convenient reference list of URIs and | |||
| corresponding algorithms in which there is substantial interest. | corresponding algorithms in which there is expressed interest. There | |||
| There have been significant new cryptographic algorithms of interest | have been significant new cryptographic algorithms of interest to XML | |||
| to XML security, for some of which the URI is only specified in this | security, for some of which the URI is only specified in this | |||
| document, added since the previous list [RFC4051], was issued in | document, added since the previous list [RFC4051], was issued in | |||
| 2005. This document obsoletes [RFC4051]. All of the URIs appear in | 2005. This document obsoletes [RFC4051]. All of the URIs appear in | |||
| the Section 4 indexes below. Subsections about one of the URIs appear | the Section 4 indexes below. Subsections about one of the URIs appear | |||
| in Section 2 or 3 only for those URIs added by [RFC4051] or this | in Section 2 or 3 only for those URIs added by [RFC4051] or this | |||
| document and for Minimal Canoncialization (Section 2.4). | document and for Minimal Canoncialization (Section 2.4). For example, | |||
| use of SHA-256 is defined in [XMLENC11] and hence there is no sub- | ||||
| section on that algorithm here but its URI is included in the Section | ||||
| 4 indexes. | ||||
| Note that raising XML Digital Signature to Draft Standard [RFC3275] | Specification in this document of the URI representing an algorithm | |||
| in the IETF required removal of any algorithms for which there was | does not imply endorsement of the algorithm for any particular | |||
| not demonstrated interoperability from the Proposed Standard | purpose. Protocol specifications, which this is not, generally give | |||
| document. This required removal of the Minimal Canonicalization | algorithm and implementation requirements for those protocols. | |||
| algorithm, in which there appears to be continued interest. The URI | Security considerations for algorithms are constantly evolving, as | |||
| for Minimal Canonicalization was included in [RFC4051] and is | documented elsewhere. This specification simply provides some URIs | |||
| included here. | and relevant formatting for when those URIs are used. | |||
| Note that progressing XML Digital Signature [RFC3275] along the | ||||
| standards track required removal of any algorithms from the original | ||||
| version [RFC3075] for which there was not demonstrated | ||||
| interoperability. This required removal of the Minimal | ||||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| Canonicalization algorithm, in which there appears to be continued | ||||
| interest. The URI for Minimal Canonicalization was included in | ||||
| [RFC4051] and is included here. | ||||
| 1.1 Terminology | 1.1 Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| [RFC2119]. | [RFC2119]. | |||
| INTERNET-DRAFT Additional XML Security URIs | This document is not intended to change the slgotithm implementation | |||
| requirements of any IETF or W3C document. Use of [RFC2119] | ||||
| terminology is intended to be only such as is already stated or | ||||
| implied by other authoritative documents. | ||||
| 1.2 Acronyms | 1.2 Acronyms | |||
| The following acronyms are used in this document: | The following acronyms are used in this document: | |||
| HMAC - Keyed-Hashing MAC [RFC2104] | HMAC - Keyed-Hashing MAC [RFC2104] | |||
| IETF - Internet Engineering Task Force <www.ietf.org> | IETF - Internet Engineering Task Force <www.ietf.org> | |||
| MAC - Message Authentication Code | MAC - Message Authentication Code | |||
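Review bot: The paragraph added to Section 1.1 in -10 reads "change the slgotithm implementation requirements", which should be "algorithm". Two older problems survive the revision and could be fixed in the same pass: the Table of Contents lists "5.1 W3C Allocation Considerations" and "5.1 IANA Considerations" under the same number in both versions, and the Introduction still spells "Minimal Canoncialization". The -10 column does correct the unbalanced "[XMLENC}" citation from -09.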
| skipping to change at page 7, line 31 ¶ | skipping to change at page 6, line 31 ¶ | |||
| while further algorithms added in this document are given URIs that | while further algorithms added in this document are given URIs that | |||
| start with | start with | |||
| http://www.w3.org/2007/05/xmldsig-more# | http://www.w3.org/2007/05/xmldsig-more# | |||
| In addition, for ease of reference, this document includes in the | In addition, for ease of reference, this document includes in the | |||
| indexes in Section 4 many cryptographic algorithm URIs from several | indexes in Section 4 many cryptographic algorithm URIs from several | |||
| XML security documents using the namespaces with which they are | XML security documents using the namespaces with which they are | |||
| defined in those documents. For example, 2000/09/xmldsig# for some | defined in those documents. For example, 2000/09/xmldsig# for some | |||
| URIs specified in [RFC3275] and 2001/04/xmlenc# for some URIs | URIs specified in [RFC3275] and 2001/04/xmlenc# for some URIs | |||
| specified in [XMLENC]. | specified in [XMLENC10]. | |||
| See also [XMLSECXREF]. | See also [XMLSECXREF]. | |||
| 2.1 DigestMethod (Hash) Algorithms | 2.1 DigestMethod (Hash) Algorithms | |||
| These algorithms are usable wherever a DigestMethod element occurs. | These algorithms are usable wherever a DigestMethod element occurs. | |||
| 2.1.1 MD5 | 2.1.1 MD5 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#md5 | http://www.w3.org/2001/04/xmldsig-more#md5 | |||
| The MD5 algorithm [RFC1321] takes no explicit parameters. An example | The MD5 algorithm [RFC1321] takes no explicit parameters. An example | |||
| of an MD5 DigestAlgorithm element is: | of an MD5 DigestAlgorithm element is: | |||
| <DigestAlgorithm | <DigestAlgorithm | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/> | |||
| An MD5 digest is a 128-bit string. The content of the DigestValue | An MD5 digest is a 128-bit string. The content of the DigestValue | |||
| element shall be the base64 [RFC2045] encoding of this bit string | element SHALL be the base64 [RFC2045] encoding of this bit string | |||
| viewed as a 16-octet octet stream. Use of MD5 is NOT RECOMMENDED | viewed as a 16-octet octet stream. See [RFC6151] for MD5 security | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| [RFC6151]. | considerations. | |||
| 2.1.2 SHA-224 | 2.1.2 SHA-224 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#sha224 | http://www.w3.org/2001/04/xmldsig-more#sha224 | |||
| The SHA-224 algorithm [FIPS180-4] [RFC6234] takes no explicit | The SHA-224 algorithm [FIPS180-4] [RFC6234] takes no explicit | |||
| parameters. An example of a SHA-224 DigestAlgorithm element is: | parameters. An example of a SHA-224 DigestAlgorithm element is: | |||
| <DigestAlgorithm | <DigestAlgorithm | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /> | |||
| A SHA-224 digest is a 224 bit string. The content of the DigestValue | A SHA-224 digest is a 224 bit string. The content of the DigestValue | |||
| element shall be the base64 [RFC2045] encoding of this string viewed | element SHALL be the base64 [RFC2045] encoding of this string viewed | |||
| as a 28-octet stream. Because it takes roughly the same amount of | as a 28-octet stream. | |||
| effort to compute a SHA-224 message digest as a SHA-256 digest and | ||||
| terseness is usually not a criteria in XML application, consideration | ||||
| should be given to the use of SHA-256 as an alternative. | ||||
| 2.1.3 SHA-384 | 2.1.3 SHA-384 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#sha384 | http://www.w3.org/2001/04/xmldsig-more#sha384 | |||
| The SHA-384 algorithm [FIPS180-4] takes no explicit parameters. An | The SHA-384 algorithm [FIPS180-4] takes no explicit parameters. An | |||
| example of a SHA-384 DigestAlgorithm element is: | example of a SHA-384 DigestAlgorithm element is: | |||
| <DigestAlgorithm | <DigestAlgorithm | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /> | |||
| A SHA-384 digest is a 384 bit string. The content of the DigestValue | A SHA-384 digest is a 384 bit string. The content of the DigestValue | |||
| element shall be the base64 [RFC2045] encoding of this string viewed | element SHALL be the base64 [RFC2045] encoding of this string viewed | |||
| as a 48-octet stream. Because it takes roughly the same amount of | as a 48-octet stream. | |||
| effort to compute a SHA-384 message digest as a SHA-512 digest and | ||||
| terseness is usually not a criteria in XML application, consideration | ||||
| should be given to the use of SHA-512 as an alternative. | ||||
| 2.1.4 Whirlpool | 2.1.4 Whirlpool | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2007/05/xmldsig-more#whirlpool | http://www.w3.org/2007/05/xmldsig-more#whirlpool | |||
| The Whirlpool algorithm [10118-3] takes no explicit parameters. A | The Whirlpool algorithm [10118-3] takes no explicit parameters. A | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| Whirlpool digest is a 512 bit string. The content of the DigestValue | Whirlpool digest is a 512 bit string. The content of the DigestValue | |||
| element shall be the base64 [RFC2045] encoding of this string viewed | element SHALL be the base64 [RFC2045] encoding of this string viewed | |||
| as a 64 octet stream. | as a 64 octet stream. | |||
| 2.1.5 SHA-3 | INTERNET-DRAFT Additional XML Security URIs | |||
| 2.1.5 New SHA Functions | ||||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2007/05/xmldsig-more#sha3-224 | http://www.w3.org/2007/05/xmldsig-more#sha3-224 | |||
| http://www.w3.org/2007/05/xmldsig-more#sha3-256 | http://www.w3.org/2007/05/xmldsig-more#sha3-256 | |||
| http://www.w3.org/2007/05/xmldsig-more#sha3-384 | http://www.w3.org/2007/05/xmldsig-more#sha3-384 | |||
| http://www.w3.org/2007/05/xmldsig-more#sha3-512 | http://www.w3.org/2007/05/xmldsig-more#sha3-512 | |||
| NIST has recently completed a hash function competition for an | NIST has recently completed a hash function competition for an | |||
| alternative to the SHA family. The Keccak-f[1600] algorithm was | alternative to the SHA family. The Keccak-f[1600] algorithm was | |||
| selected [Keccak]. This section is a space holder and reservation of | selected [Keccak]. This hash function is commonly referred to as | |||
| URIs for future information on Keccak use in XML security. | "SHA-3" and this section is a space holder and reservation of URIs | |||
| for future information on Keccak use in XML security. | ||||
| A SHA-3 224, 256, 384, and 512 digest is a 224, 256, 384, and 512 bit | ||||
| string, respectively. The content of the DigestValue element SHALL | ||||
| be the base64 [RFC2045] encoding of this string viewed as a 28-, 32-, | ||||
| 48-, and 64-octet stream, respectively. | ||||
| 2.2 SignatureMethod MAC Algorithms | 2.2 SignatureMethod MAC Algorithms | |||
| This section covers SignatureMethod MAC (Message Authentication Code) | This section covers SignatureMethod MAC (Message Authentication Code) | |||
| Algorithms. | Algorithms. | |||
| Note: Some text in this section is duplicated from [RFC3275] for the | Note: Some text in this section is duplicated from [RFC3275] for the | |||
| convenience of the reader. RFC 3275 is normative in case of conflict. | convenience of the reader. RFC 3275 is normative in case of conflict. | |||
| 2.2.1 HMAC-MD5 | 2.2.1 HMAC-MD5 | |||
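Review bot: The examples in 2.1.1 through 2.1.3 are introduced as a "DigestAlgorithm element" and written as `<DigestAlgorithm Algorithm="..."/>`, while Section 2.1 itself says these algorithms are usable "wherever a DigestMethod element occurs"; neither version reconciles the two names, and an implementer copying the example would emit an element the surrounding text never mentions. Suggest using DigestMethod in both the lead-in sentences and the examples. Separately, the new 2.1.5 text fixes DigestValue lengths for the sha3-* URIs while the same section still calls itself "a space holder and reservation of URIs"; it would be clearer to state whether those encodings are normative now or provisional until Keccak use is specified.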
| skipping to change at page 9, line 48 ¶ | skipping to change at page 8, line 50 ¶ | |||
| parameter; if the parameter is not specified then all the bits of the | parameter; if the parameter is not specified then all the bits of the | |||
| hash are output. An example of an HMAC-MD5 SignatureMethod element is | hash are output. An example of an HMAC-MD5 SignatureMethod element is | |||
| as follows: | as follows: | |||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"> | |||
| <HMACOutputLength>112</HMACOutputLength> | <HMACOutputLength>112</HMACOutputLength> | |||
| </SignatureMethod> | </SignatureMethod> | |||
| The output of the HMAC algorithm is ultimately the output (possibly | The output of the HMAC algorithm is ultimately the output (possibly | |||
| truncated) of the chosen digest algorithm. This value shall be base64 | truncated) of the chosen digest algorithm. This value SHALL be base64 | |||
| [RFC2045] encoded in the same straightforward fashion as the output | [RFC2045] encoded in the same straightforward fashion as the output | |||
| of the digest algorithms. Example: the SignatureValue element for the | of the digest algorithms. Example: the SignatureValue element for the | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| HMAC-MD5 digest | HMAC-MD5 digest | |||
| 9294727A 3638BB1C 13F48EF8 158BFC9D | 9294727A 3638BB1C 13F48EF8 158BFC9D | |||
| from the test vectors in [RFC2104] would be | from the test vectors in [RFC2104] would be | |||
| skipping to change at page 10, line 28 ¶ | skipping to change at page 9, line 28 ¶ | |||
| <restriction base="integer"> | <restriction base="integer"> | |||
| </simpleType> | </simpleType> | |||
| DTD: | DTD: | |||
| <!ELEMENT HMACOutputLength (#PCDATA) > | <!ELEMENT HMACOutputLength (#PCDATA) > | |||
| The Schema Definition and DTD immediately above are copied from | The Schema Definition and DTD immediately above are copied from | |||
| [RFC3275]. | [RFC3275]. | |||
| Although cryptographic suspicions have recently been cast on MD5 for | See [RFC6151] for HMAC-MD5 security considerations. | |||
| use in signatures such as RSA-MD5 below, this does not affect use of | ||||
| MD5 in HMAC [RFC6151]. | ||||
| 2.2.2 HMAC SHA Variations | 2.2.2 HMAC SHA Variations | |||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2001/04/xmldsig-more#hmac-sha224 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha224 | |||
| http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 | |||
| http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 | |||
| http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 | |||
| SHA-224, SHA-256, SHA-384, and SHA-512 [FIPS180-4] [RFC6234] can also | SHA-224, SHA-256, SHA-384, and SHA-512 [FIPS180-4] [RFC6234] can also | |||
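Review bot: In the schema fragment at the top of this hunk, `<restriction base="integer">` is followed directly by `</simpleType>` with no closing tag, so the definition as printed is not well-formed XML in either version. Since the text says it is copied from [RFC3275], check it against that source and self-close the element (`<restriction base="integer"/>`). On the changed line, -10 replaces the -09 statement that the concerns about MD5 in signatures do "not affect use of MD5 in HMAC" with a bare pointer to [RFC6151]; a reader can no longer tell from this section that the HMAC case is treated differently from RSA-MD5, so consider keeping one clause to that effect.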
| skipping to change at page 11, line 54 ¶ | skipping to change at page 10, line 54 ¶ | |||
| the data. "prefix" is the ASN.1 BER MD5 algorithm designator prefix | the data. "prefix" is the ASN.1 BER MD5 algorithm designator prefix | |||
| required in PKCS #1 [RFC3447], that is, | required in PKCS #1 [RFC3447], that is, | |||
| hex 30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 10 | hex 30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 10 | |||
| This prefix is included to make it easier to use standard | This prefix is included to make it easier to use standard | |||
| cryptographic libraries. The FF octet MUST be repeated enough times | cryptographic libraries. The FF octet MUST be repeated enough times | |||
| that the value of the quantity being CRYPTed is exactly one octet | that the value of the quantity being CRYPTed is exactly one octet | |||
| shorter than the RSA modulus. | shorter than the RSA modulus. | |||
| Due to increases in computer processor power and advances in | See [RFC6151] for MD5 security considerations. | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| cryptography, use of RSA-MD5 is NOT RECOMMENDED [RFC6151]. | ||||
| 2.3.2 RSA-SHA256 | 2.3.2 RSA-SHA256 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 | http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 | |||
| This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | |||
| in section 2.3.1 but with the ASN.1 BER SHA-256 algorithm designator | in section 2.3.1 but with the ASN.1 BER SHA-256 algorithm designator | |||
| prefix. An example of use is | prefix. An example of use is | |||
| <SignatureMethod | <SignatureMethod | |||
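Review bot: At the end of 2.3.1, -10 drops the -09 sentence "use of RSA-MD5 is NOT RECOMMENDED [RFC6151]" and leaves only "See [RFC6151] for MD5 security considerations". That matches the new Introduction text that listing a URI implies no endorsement, but 2.3.1 is the section an implementer lands on when looking up the #rsa-md5 identifier, and it now gives no indication that the signature use of MD5 is the one the earlier draft advised against. If the RFC 2119 keyword has to go, suggest a non-normative sentence that keeps the distinction, for example noting that [RFC6151] covers MD5 in digital signatures.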
| skipping to change at page 13, line 5 ¶ | skipping to change at page 11, line 47 ¶ | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 | http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 | |||
| This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | |||
| in section 2.3.1 but with the ASN.1 BER SHA-512 algorithm designator | in section 2.3.1 but with the ASN.1 BER SHA-512 algorithm designator | |||
| prefix. An example of use is | prefix. An example of use is | |||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /> | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| 2.3.5 RSA-RIPEMD160 | 2.3.5 RSA-RIPEMD160 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160 | http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160 | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | |||
| in section 2.3.1 but with the ASN.1 BER RIPEMD160 algorithm | in section 2.3.1 but with the ASN.1 BER RIPEMD160 algorithm | |||
| designator prefix. An example of use is | designator prefix. An example of use is | |||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" | Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" | |||
| /> | /> | |||
| 2.3.6 ECDSA-SHA*, ECDSA-RIPEMD160, ECDSA-Whirlpool | 2.3.6 ECDSA-SHA*, ECDSA-RIPEMD160, ECDSA-Whirlpool | |||
| skipping to change at page 14, line 5 ¶ | skipping to change at page 12, line 49 ¶ | |||
| respectively result from the octet-encoding of the values r and s in | respectively result from the octet-encoding of the values r and s in | |||
| that order. Integer to octet-stream conversion must be done | that order. Integer to octet-stream conversion must be done | |||
| according to the I2OSP operation defined in the [RFC3447] | according to the I2OSP operation defined in the [RFC3447] | |||
| specification with the l parameter equal to the size of the base | specification with the l parameter equal to the size of the base | |||
| point order of the curve in bytes (e.g. 32 for the P-256 curve and 66 | point order of the curve in bytes (e.g. 32 for the P-256 curve and 66 | |||
| for the P-521 curve [FIPS186-3]). | for the P-521 curve [FIPS186-3]). | |||
| For an introduction to elliptic curve cryptographic algorithms, see | For an introduction to elliptic curve cryptographic algorithms, see | |||
| [RFC6090] but note that there is a Errata for that RFC. | [RFC6090] but note that there is a Errata for that RFC. | |||
| 2.3.7 ESIGN-SHA* | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 2.3.7 ESIGN-SHA1 | ||||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2001/04/xmldsig-more#esign-sha1 | http://www.w3.org/2001/04/xmldsig-more#esign-sha1 | |||
| http://www.w3.org/2001/04/xmldsig-more#esign-sha224 | http://www.w3.org/2001/04/xmldsig-more#esign-sha224 | |||
| http://www.w3.org/2001/04/xmldsig-more#esign-sha256 | http://www.w3.org/2001/04/xmldsig-more#esign-sha256 | |||
| http://www.w3.org/2001/04/xmldsig-more#esign-sha384 | http://www.w3.org/2001/04/xmldsig-more#esign-sha384 | |||
| http://www.w3.org/2001/04/xmldsig-more#esign-sha512 | http://www.w3.org/2001/04/xmldsig-more#esign-sha512 | |||
| The ESIGN algorithm specified in [IEEE P1363a] is a signature scheme | The ESIGN algorithm specified in [IEEE P1363a] is a signature scheme | |||
| based on the integer factorization problem. It is much faster than | based on the integer factorization problem. It is much faster than | |||
| previous digital signature schemes so ESIGN can be implemented on | previous digital signature schemes so ESIGN can be implemented on | |||
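Review bot: The closing sentence of the ECDSA text earlier in this hunk, "note that there is a Errata for that RFC", is ungrammatical and is carried unchanged from -09 to -10. Write "there are errata for that RFC" (or "an erratum" if only one applies) so the reader knows to look them up before relying on [RFC6090].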
| skipping to change at page 14, line 32 ¶ | skipping to change at page 13, line 29 ¶ | |||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#esign-sha1" | Algorithm="http://www.w3.org/2001/04/xmldsig-more#esign-sha1" | |||
| /> | /> | |||
| 2.3.8 RSA-Whirlpool | 2.3.8 RSA-Whirlpool | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool | http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool | |||
| As in the definition of the RSA-SHA1 algorithm in [XMLDSIG], the | As in the definition of the RSA-SHA1 algorithm in [XMLDSIG11], the | |||
| designator "RSA" means the RSASSA-PKCS1-v1_5 algorithm as defined in | designator "RSA" means the RSASSA-PKCS1-v1_5 algorithm as defined in | |||
| PKCS2.1 [PKCS2.1]. When identified through the #rsa-whirlpool | PKCS2.1 [PKCS2.1]. When identified through the #rsa-whirlpool | |||
| fragment identifier, Whirlpool is used as the hash algorithm instead. | fragment identifier, Whirlpool is used as the hash algorithm instead. | |||
| Use of the ASN.1 BER Whirlpool algorithm designator is implied. That | Use of the ASN.1 BER Whirlpool algorithm designator is implied. That | |||
| designator is | designator is | |||
| hex 30 4e 30 0a 06 06 28 cf 06 03 00 37 05 00 04 40 | hex 30 4e 30 0a 06 06 28 cf 06 03 00 37 05 00 04 40 | |||
| as an explicit octet sequence. This corresponds to OID | as an explicit octet sequence. This corresponds to OID | |||
| 1.0.10118.3.0.55 defined in [10118-3]. | 1.0.10118.3.0.55 defined in [10118-3]. | |||
| An example of use is | An example of use is | |||
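Review bot: The identifier registered for 2.3.8 in this hunk is in the 2007/05 namespace (http://www.w3.org/2007/05/xmldsig-more#rsa-whirlpool), and the Fragment Index agrees, but the SignatureMethod example that follows "An example of use is" gives Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-whirlpool". Both -09 and -10 carry the mismatch. An implementer who copies the example will emit a URI that is not the one being registered, so the example should be changed to the 2007/05 URI.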
| skipping to change at page 15, line 5 ¶ | skipping to change at page 13, line 51 ¶ | |||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-whirlpool" | Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-whirlpool" | |||
| /> | /> | |||
| 2.3.9 RSASSA-PSS With Parameters | 2.3.9 RSASSA-PSS With Parameters | |||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2007/05/xmldsig-more#rsa-pss | http://www.w3.org/2007/05/xmldsig-more#rsa-pss | |||
| http://www.w3.org/2007/05/xmldsig-more#MGF1 | http://www.w3.org/2007/05/xmldsig-more#MGF1 | |||
| These identifiers imply the PKCS#1 EMSA-PSS encoding algorithm | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| These identifiers imply the PKCS#1 EMSA-PSS encoding algorithm | ||||
| [RFC3447]. The RSASSA-PSS algorithm takes the digest method (hash | [RFC3447]. The RSASSA-PSS algorithm takes the digest method (hash | |||
| function), a mask generation function, the salt length in bytes | function), a mask generation function, the salt length in bytes | |||
| (SaltLength), and the trailer field as explicit parameters. | (SaltLength), and the trailer field as explicit parameters. | |||
| Algorithm identifiers for hash functions specified in XML encryption | Algorithm identifiers for hash functions specified in XML encryption | |||
| [XMLENC], [XMLDSIG], and in section 2.1 are considered to be valid | [XMLENC11], [XMLDSIG11], and in section 2.1 are considered to be | |||
| algorithm identifiers for hash functions. According to [RFC3447] the | valid algorithm identifiers for hash functions. According to | |||
| default value for the digest function is SHA-1, but due to the | [RFC3447] the default value for the digest function is SHA-1, but due | |||
| discovered weakness of SHA-1 [RFC6194] it is recommended that SHA-256 | to the discovered weakness of SHA-1 [RFC6194] it is recommended that | |||
| or a stronger hash function be used. Notwithstanding [RFC3447], | SHA-256 or a stronger hash function be used. Notwithstanding | |||
| SHA-256 is the default to be used with these SignatureMethod | [RFC3447], SHA-256 is the default to be used with these | |||
| identifiers if no hash function has been specified. | SignatureMethod identifiers if no hash function has been specified. | |||
| The default salt length for these SignatureMethod identifiers if the | The default salt length for these SignatureMethod identifiers if the | |||
| SaltLength is not specified shall be the number of octets in the hash | SaltLength is not specified SHALL be the number of octets in the hash | |||
| value of the digest method, as recommended in [RFC4055]. In a | value of the digest method, as recommended in [RFC4055]. In a | |||
| parameterized RSASSA-PSS signature the ds:DigestMethod and the | parameterized RSASSA-PSS signature the ds:DigestMethod and the | |||
| SaltLength parameters usually appear. If they do not, the defaults | SaltLength parameters usually appear. If they do not, the defaults | |||
| make this equivalent to http://www.w3.org/2007/05/xmldsig- | make this equivalent to http://www.w3.org/2007/05/xmldsig- | |||
| more#sha256-rsa-MGF1 (see section 2.3.10). The TrailerField defaults | more#sha256-rsa-MGF1 (see section 2.3.10). The TrailerField defaults | |||
| to 1 (0xbc) when omitted. | to 1 (0xbc) when omitted. | |||
| Schema Definition (target namespace | Schema Definition (target namespace | |||
| http://www.w3.org/2007/05/xmldsig-more#): | http://www.w3.org/2007/05/xmldsig-more#): | |||
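Review bot: In 2.3.9 the salt-length default was raised from "shall" to "SHALL" in -10, but the digest statements next to it are still informal: "it is recommended that SHA-256 or a stronger hash function be used" and "SHA-256 is the default to be used ... if no hash function has been specified". The digest default is the one that departs from [RFC3447] (SHA-1 there), so it is the one a signer and a verifier are most likely to disagree on. State it with the same requirement keyword as the salt length, for example "the default digest SHALL be SHA-256".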
| skipping to change at page 16, line 4 ¶ | skipping to change at page 14, line 56 ¶ | |||
| minOccurs="0"/> | minOccurs="0"/> | |||
| <xs:element name="TrailerField" type="xs:int" | <xs:element name="TrailerField" type="xs:int" | |||
| minOccurs="0"/> | minOccurs="0"/> | |||
| </xs:sequence> | </xs:sequence> | |||
| </xs:complexType> | </xs:complexType> | |||
| <xs:complexType name="MaskGenerationFunctionType"> | <xs:complexType name="MaskGenerationFunctionType"> | |||
| <xs:sequence> | <xs:sequence> | |||
| <xs:element ref="ds:DigestMethod" minOccurs="0"/> | <xs:element ref="ds:DigestMethod" minOccurs="0"/> | |||
| </xs:sequence> | </xs:sequence> | |||
| <xs:attribute name="Algorithm" type="xs:anyURI" | <xs:attribute name="Algorithm" type="xs:anyURI" | |||
| default="http://www.w3.org/2007/05/xmldsig-more#MGF1"/> | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| default="http://www.w3.org/2007/05/xmldsig-more#MGF1"/> | ||||
| </xs:complexType> | </xs:complexType> | |||
| 2.3.10 RSASSA-PSS Without Parameters | 2.3.10 RSASSA-PSS Without Parameters | |||
| [RFC3447] currently specifies only one mask generation function MGF1 | [RFC3447] currently specifies only one mask generation function MGF1 | |||
| based on a hash function. Whereas [RFC3447] allows for | based on a hash function. Whereas [RFC3447] allows for | |||
| parameterization, the default is to use the same hash function as the | parameterization, the default is to use the same hash function as the | |||
| digest method function. Only this default approach is supported by | digest method function. Only this default approach is supported by | |||
| this section, therefore the definition of a mask generation function | this section, therefore the definition of a mask generation function | |||
| type is not needed yet. The same applies to the trailer field. There | type is not needed yet. The same applies to the trailer field. There | |||
| skipping to change at page 17, line 4 ¶ | skipping to change at page 15, line 52 ¶ | |||
| "http://www.w3.org/2007/05/xmldsig-more#SHA3-256-rsa-MGF1" | "http://www.w3.org/2007/05/xmldsig-more#SHA3-256-rsa-MGF1" | |||
| /> | /> | |||
| 2.3.11 RSA-SHA224 | 2.3.11 RSA-SHA224 | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2007/05/xmldsig-more#rsa-sha224 | http://www.w3.org/2007/05/xmldsig-more#rsa-sha224 | |||
| This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | This implies the PKCS#1 v1.5 padding algorithm [RFC3447] as described | |||
| in section 2.3.1 but with the ASN.1 BER SHA-224 algorithm designator | in section 2.3.1 but with the ASN.1 BER SHA-224 algorithm designator | |||
| prefix. An example of use is | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| prefix. An example of use is | ||||
| <SignatureMethod | <SignatureMethod | |||
| Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-sha224" /> | Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-sha224" /> | |||
| Because it takes about the same effort to calculate a SHA-224 message | Because it takes about the same effort to calculate a SHA-224 message | |||
| digest as it does a SHA-256 message digest, it is suggested that RSA- | digest as it does a SHA-256 message digest, it is suggested that RSA- | |||
| SHA256 be used in preference to RSA-SHA224 where possible. | SHA256 be used in preference to RSA-SHA224 where possible. | |||
| 2.4 Minimal Canonicalization | 2.4 Minimal Canonicalization | |||
| Thus far two independent interoperable implementations of Minimal | Thus far two independent interoperable implementations of Minimal | |||
| Canonicalization have not been announced. Therefore, when XML | Canonicalization have not been announced. Therefore, when XML | |||
| Digital Signature was advanced from Proposed Standard [RFC3075] to | Digital Signature was advanced along the standards track from | |||
| Draft Standard [RFC3275], Minimal Canonicalization was dropped from | [RFC3075] to [RFC3275], Minimal Canonicalization was dropped. | |||
| the standard track documents. However, there is still interest. For | However, there is still interest. For its definition, see [RFC3075] | |||
| its definition, see [RFC3075] Section 6.5.1. | Section 6.5.1. | |||
| For reference, its identifier remains: | For reference, its identifier remains: | |||
| http://www.w3.org/2000/09/xmldsig#minimal | http://www.w3.org/2000/09/xmldsig#minimal | |||
| 2.5 Transform Algorithms | 2.5 Transform Algorithms | |||
| Note that all CanonicalizationMethod algorithms can also be used as | Note that all CanonicalizationMethod algorithms can also be used as | |||
| Transform algorithms. | Transform algorithms. | |||
| 2.5.1 XPointer | 2.5.1 XPointer | |||
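Review bot: The 2.3.10 example at the top of this hunk spells the fragment "#SHA3-256-rsa-MGF1" in upper case, while the Fragment Index in 4.1 lists the sibling identifiers in lower case (sha256-rsa-MGF1, sha3-224-rsa-MGF1). Fragment identifiers are case-sensitive, so the example should use exactly the spelling given in the identifier list and the index.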
| skipping to change at page 18, line 5 ¶ | skipping to change at page 16, line 50 ¶ | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more/xptr"> | Algorithm="http://www.w3.org/2001/04/xmldsig-more/xptr"> | |||
| <XPointer | <XPointer | |||
| xmlns="http://www.w3.org/2001/04/xmldsig-more/xptr"> | xmlns="http://www.w3.org/2001/04/xmldsig-more/xptr"> | |||
| xpointer(id("foo")) xmlns(bar=http://foobar.example) | xpointer(id("foo")) xmlns(bar=http://foobar.example) | |||
| xpointer(//bar:Zab[@Id="foo"]) | xpointer(//bar:Zab[@Id="foo"]) | |||
| </XPointer> | </XPointer> | |||
| </Transform> | </Transform> | |||
| Schema Definition: | Schema Definition: | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| <element name="XPointer" type="string"> | <element name="XPointer" type="string"> | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| DTD: | DTD: | |||
| <!ELEMENT XPointer (#PCDATA) > | <!ELEMENT XPointer (#PCDATA) > | |||
| Input to this transform is an octet stream (which is then parsed into | Input to this transform is an octet stream (which is then parsed into | |||
| XML). | XML). | |||
| Output from this transform is a node set; the results of the XPointer | Output from this transform is a node set; the results of the XPointer | |||
| are processed as defined in the XMLDSIG specification [RFC3275] for a | are processed as defined in the XMLDSIG specification [RFC3275] for a | |||
| same-document XPointer. | same-document XPointer. | |||
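Review bot: The XPointer schema definition in this hunk, <element name="XPointer" type="string">, is never closed in either version, so the fragment is not well-formed as shown. Since the element has no content it should be self-closing: <element name="XPointer" type="string"/>.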
| skipping to change at page 18, line 40 ¶ | skipping to change at page 17, line 38 ¶ | |||
| ARCFOUR is a fast, simple stream encryption algorithm that is | ARCFOUR is a fast, simple stream encryption algorithm that is | |||
| compatible with RSA Security's RC4 algorithm [RC4]. An example | compatible with RSA Security's RC4 algorithm [RC4]. An example | |||
| EncryptionMethod element using ARCFOUR is | EncryptionMethod element using ARCFOUR is | |||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmldsig-more#arcfour"> | Algorithm="http://www.w3.org/2001/04/xmldsig-more#arcfour"> | |||
| <KeySize>40<KeySize> | <KeySize>40<KeySize> | |||
| </EncryptionMethod> | </EncryptionMethod> | |||
| Note that Arcfour makes use of the generic KeySize parameter | Note that Arcfour makes use of the generic KeySize parameter | |||
| specified and defined in [XMLENC]. | specified and defined in [XMLENC11]. | |||
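Review bot: The ARCFOUR example is not well-formed XML in either version: "<KeySize>40<KeySize>" opens the element twice and never closes it, and should read <KeySize>40</KeySize>. This revision only updates the [XMLENC] reference to [XMLENC11] and leaves the example as it was. Since examples in this document get copied, a 128-bit value would also be a safer illustration than 40.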
| 2.6.2 Camellia Block Encryption | 2.6.2 Camellia Block Encryption | |||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2001/04/xmldsig-more#camellia128-cbc | http://www.w3.org/2001/04/xmldsig-more#camellia128-cbc | |||
| http://www.w3.org/2001/04/xmldsig-more#camellia192-cbc | http://www.w3.org/2001/04/xmldsig-more#camellia192-cbc | |||
| http://www.w3.org/2001/04/xmldsig-more#camellia256-cbc | http://www.w3.org/2001/04/xmldsig-more#camellia256-cbc | |||
| Camellia is an efficient and secure block cipher with the same | Camellia is a block cipher with the same interface as the AES | |||
| interface as the AES [Camellia] [RFC3713], that is 128-bit block size | [Camellia] [RFC3713], that is 128-bit block size and 128, 192, and | |||
| 256 bit key sizes. In XML Encryption Camellia is used in the same way | ||||
| as the AES: It is used in the Cipher Block Chaining (CBC) mode with a | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| and 128, 192, and 256 bit key sizes. In XML Encryption Camellia is | 128-bit initialization vector (IV). The resulting cipher text is | |||
| used in the same way as the AES: It is used in the Cipher Block | prefixed by the IV. If included in XML output, it is then base64 | |||
| Chaining (CBC) mode with a 128-bit initialization vector (IV). The | encoded. An example Camellia EncryptionMethod is as follows: | |||
| resulting cipher text is prefixed by the IV. If included in XML | ||||
| output, it is then base64 encoded. An example Camellia | ||||
| EncryptionMethod is as follows: | ||||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm= | Algorithm= | |||
| "http://www.w3.org/2001/04/xmldsig-more#camellia128-cbc" | "http://www.w3.org/2001/04/xmldsig-more#camellia128-cbc" | |||
| /> | /> | |||
| 2.6.3 Camellia Key Wrap | 2.6.3 Camellia Key Wrap | |||
| Identifiers: | Identifiers: | |||
| http://www.w3.org/2001/04/xmldsig-more#kw-camellia128 | http://www.w3.org/2001/04/xmldsig-more#kw-camellia128 | |||
| http://www.w3.org/2001/04/xmldsig-more#kw-camellia192 | http://www.w3.org/2001/04/xmldsig-more#kw-camellia192 | |||
| http://www.w3.org/2001/04/xmldsig-more#kw-camellia256 | http://www.w3.org/2001/04/xmldsig-more#kw-camellia256 | |||
| Camellia [Camellia] [RFC3713] key wrap is identical to the AES key | Camellia [Camellia] [RFC3713] key wrap is identical to the AES key | |||
| wrap algorithm [RFC3394] specified in the XML Encryption standard | wrap algorithm [RFC3394] specified in the XML Encryption standard | |||
| with "AES" replaced by "Camellia". As with AES key wrap, the check | with "AES" replaced by "Camellia". As with AES key wrap, the check | |||
| value is 0xA6A6A6A6A6A6A6A6. | value is 0xA6A6A6A6A6A6A6A6. | |||
| The algorithm is the same whatever the size of the Camellia key used | The algorithm is the same whatever the size of the Camellia key used | |||
| in wrapping, called the key encrypting key or KEK. The implementation | in wrapping, called the key encrypting key or KEK. If Camellia is | |||
| of Camellia is OPTIONAL. However, if it is supported, the same | supported, it is particularly suggested that wrapping 128-bit keys | |||
| implementation guidelines as to which combinations of KEK size and | with a 128-bit KEK and wrapping 256-bit keys with a 256-bit KEK be | |||
| wrapped key size should be required to be supported and which are | supported. | |||
| optional to be supported should be followed. That is to say, if | ||||
| Camellia key wrap is supported, they wrapping 128-bit keys with a | ||||
| 128-bit KEK and wrapping 256-bit keys with a 256-bit KEK are REQUIRED | ||||
| and all other combinations are OPTIONAL. | ||||
| An example of use is: | An example of use is: | |||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm= | Algorithm= | |||
| "http://www.w3.org/2001/04/xmldsig-more#kw-camellia128" | "http://www.w3.org/2001/04/xmldsig-more#kw-camellia128" | |||
| /> | /> | |||
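Review bot: The -10 text for 2.6.3 removes the interoperability floor that -09 had. The old text said wrapping 128-bit keys with a 128-bit KEK and 256-bit keys with a 256-bit KEK "are REQUIRED and all other combinations are OPTIONAL"; the new text says only that supporting those two combinations "is particularly suggested". That phrase is not a defined requirement level, so two implementations that both support Camellia key wrap may share no KEK/key-size combination. If the downgrade is intended, use RECOMMENDED, and consider keeping the statement that implementing Camellia is OPTIONAL, which -10 also drops.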
| 2.6.4 PSEC-KEM | 2.6.4 PSEC-KEM | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2001/04/xmldsig-more#psec-kem | http://www.w3.org/2001/04/xmldsig-more#psec-kem | |||
| INTERNET-DRAFT Additional XML Security URIs | The PSEC-KEM algorithm, specified in [18033-2], is a key | |||
| The PSEC-KEM algorithm, specified in [18033-3], is a key | ||||
| encapsulation mechanism using elliptic curve encryption. | encapsulation mechanism using elliptic curve encryption. | |||
| An example of use is: | An example of use is: | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm="http://www.w3.org/2001/04/xmlenc#psec-kem"> | Algorithm="http://www.w3.org/2001/04/xmlenc#psec-kem"> | |||
| <ECParameters> | <ECParameters> | |||
| <Version>version</Version> | <Version>version</Version> | |||
| <FieldID>id</FieldID> | <FieldID>id</FieldID> | |||
| <Curve>curve</Curve> | <Curve>curve</Curve> | |||
| <Base>base</Base> | <Base>base</Base> | |||
| <Order>order</Order> | <Order>order</Order> | |||
| <Cofactor>cofactor</Cofactor> | <Cofactor>cofactor</Cofactor> | |||
| </ECParameters> | </ECParameters> | |||
| </EncryptionMethod> | </EncryptionMethod> | |||
| See [18033-3] for information on the parameters above. | See [18033-2] for information on the parameters above. | |||
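Review bot: The PSEC-KEM example uses Algorithm="http://www.w3.org/2001/04/xmlenc#psec-kem", but the identifier registered at the top of 2.6.4, and the Fragment Index entry, is http://www.w3.org/2001/04/xmldsig-more#psec-kem. This revision changes the reference from [18033-3] to [18033-2] in both sentences but leaves the example URI alone. Change the example to the xmldsig-more URI so that it matches the registration.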
| 2.6.5 SEED Block Encryption | 2.6.5 SEED Block Encryption | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2007/05/xmldsig-more#seed128-cbc | http://www.w3.org/2007/05/xmldsig-more#seed128-cbc | |||
| SEED [RFC4269] is an efficient and secure block cipher that is | SEED [RFC4269] is a 128-bit block size with 128-bit key sizes. In XML | |||
| 128-bit block size and 128-bit key sizes. In XML Encryption, SEED can | Encryption, SEED can be used in the Cipher Block Chaining (CBC) mode | |||
| be used in the Cipher Block Chaining (CBC) mode with a 128-bit | with a 128-bit initialization vector (IV). The resulting cipher text | |||
| initialization vector (IV). The resulting cipher text is prefixed by | is prefixed by the IV. If included in XML output, it is then base64 | |||
| the IV. If included in XML output, it is then base64 encoded. | encoded. | |||
| An example SEED EncryptionMethod is as follows: | An example SEED EncryptionMethod is as follows: | |||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm="http://www.w3.org/2007/05/xmldsig-more#seed128-cbc" /> | Algorithm="http://www.w3.org/2007/05/xmldsig-more#seed128-cbc" /> | |||
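Review bot: Removing "an efficient and secure block cipher that is" left the first sentence of 2.6.5 without its noun: -10 now reads "SEED [RFC4269] is a 128-bit block size with 128-bit key sizes". The parallel edit in 2.6.2 kept the noun ("Camellia is a block cipher with the same interface as the AES"). Do the same here, for example "SEED [RFC4269] is a block cipher with a 128-bit block size and a 128-bit key size".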
| 2.6.6 SEED Key Wrap | 2.6.6 SEED Key Wrap | |||
| Identifier: | Identifier: | |||
| http://www.w3.org/2007/05/xmldsig-more#kw-seed128 | http://www.w3.org/2007/05/xmldsig-more#kw-seed128 | |||
| Key wrapping with SEED is identical to Section 2.2.1 of [RFC3394] | Key wrapping with SEED is identical to Section 2.2.1 of [RFC3394] | |||
| with "AES" replaced by "SEED". The algorithm is specified in | with "AES" replaced by "SEED". The algorithm is specified in | |||
| [RFC4010]. The implementation of SEED is optional. The default | [RFC4010]. The implementation of SEED is optional. The default | |||
| initial value is 0xA6A6A6A6A6A6A6A6. | initial value is 0xA6A6A6A6A6A6A6A6. | |||
| An example of use is: | An example of use is: | |||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| <EncryptionMethod | <EncryptionMethod | |||
| Algorithm= | Algorithm= | |||
| "http://www.w3.org/2007/05/xmldsig-more#kw-seed128" | "http://www.w3.org/2007/05/xmldsig-more#kw-seed128" | |||
| /> | /> | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 3. KeyInfo | 3. KeyInfo | |||
| In section 3.1 below a new KeyInfo element child is specified while | In section 3.1 below a new KeyInfo element child is specified while | |||
| skipping to change at page 23, line 27 ¶ | skipping to change at page 21, line 27 ¶ | |||
| 4.1 Fragment Index | 4.1 Fragment Index | |||
| The initial "http://www.w3.org/" part of the URI is not included | The initial "http://www.w3.org/" part of the URI is not included | |||
| below. The first six entries have a null fragment identifier or no | below. The first six entries have a null fragment identifier or no | |||
| fragment identifier. | fragment identifier. | |||
| Fragment URI Sec/Doc | Fragment URI Sec/Doc | |||
| --------- ---- -------- | --------- ---- -------- | |||
| 2002/06/xmldsig-filter2 [XPATH] | 2002/06/xmldsig-filter2 [XPATH] | |||
| 2006/12/xmlc12n11# [CANON] | 2006/12/xmlc12n11# [CANON11] | |||
| TR/1999/REC-xslt-19991116 [XSLT] | TR/1999/REC-xslt-19991116 [XSLT] | |||
| TR/1999/REC-xpath-19991116 [XPATH] | TR/1999/REC-xpath-19991116 [XPATH] | |||
| TR/2001/06/xml-exc-c14n# [XCANON] | TR/2001/06/xml-exc-c14n# [XCANON] | |||
| TR/2001/REC-xml-c14n-20010315 [CANON] | TR/2001/REC-xml-c14n-20010315 [CANON10] | |||
| TR/2001/REC-xmlschema-1-20010502 [Schema] | TR/2001/REC-xmlschema-1-20010502 [Schema] | |||
| aes128-cbc 2001/04/xmlenc#aes128-cbc [XMLENC] | aes128-cbc 2001/04/xmlenc#aes128-cbc [XMLENC11] | |||
| aes128-gcm 2009/xmlenc11#aes128-gcm [XMLENC] | aes128-gcm 2009/xmlenc11#aes128-gcm [XMLENC11] | |||
| aes192-cbc 2001/04/xmlenc#aes192-cbc [XMLENC] | aes192-cbc 2001/04/xmlenc#aes192-cbc [XMLENC11] | |||
| aes192-gcm 2009/xmlenc11#aes192-gcm [XMLENC] | aes192-gcm 2009/xmlenc11#aes192-gcm [XMLENC11] | |||
| aes256-cbc 2001/04/xmlenc#aes256-cbc [XMLENC] | aes256-cbc 2001/04/xmlenc#aes256-cbc [XMLENC11] | |||
| aes256-gcm 2009/xmlenc11#aes256-gcm [XMLENC] | aes256-gcm 2009/xmlenc11#aes256-gcm [XMLENC11] | |||
| arcfour 2001/04/xmldsig-more#arcfour 2.6.1 | arcfour 2001/04/xmldsig-more#arcfour 2.6.1 | |||
| base64 2000/09/xmldsig#base64 [RFC3275] | base64 2000/09/xmldsig#base64 [RFC3275] | |||
| camellia128-cbc 2001/04/xmldsig-more#camellia128-cbc 2.6.2 | camellia128-cbc 2001/04/xmldsig-more#camellia128-cbc 2.6.2 | |||
| camellia192-cbc 2001/04/xmldsig-more#camellia192-cbc 2.6.2 | camellia192-cbc 2001/04/xmldsig-more#camellia192-cbc 2.6.2 | |||
| camellia256-cbc 2001/04/xmldsig-more#camellia256-cbc 2.6.2 | camellia256-cbc 2001/04/xmldsig-more#camellia256-cbc 2.6.2 | |||
| ConcatKDF 2009/xmlenc11#ConcatKDF [XMLENC] | ConcatKDF 2009/xmlenc11#ConcatKDF [XMLENC11] | |||
| decrypt#XML 2002/07/decrypt#XML [DECRYPT] | decrypt#XML 2002/07/decrypt#XML [DECRYPT] | |||
| decrypt#Binary 2002/07/decrypt#Binary [DECRYPT] | decrypt#Binary 2002/07/decrypt#Binary [DECRYPT] | |||
| DEREncodedKeyValue 2009/xmldsig11#DEREncodedKeyValue [XMLDSIG] | DEREncodedKeyValue 2009/xmldsig11#DEREncodedKeyValue [XMLDSIG11] | |||
| dh 2001/04/xmlenc#dh [XMLENC] | dh 2001/04/xmlenc#dh [XMLENC11] | |||
| dh-es 2009/xmlenc11#dh-es [XMLENC] | dh-es 2009/xmlenc11#dh-es [XMLENC11] | |||
| dsa-sha1 2000/09/xmldsig#dsa-sha1 [RFC3275] | dsa-sha1 2000/09/xmldsig#dsa-sha1 [RFC3275] | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| dsa-sha256 2009/xmldsig11#dsa-sha256 [XMLDSIG] | dsa-sha256 2009/xmldsig11#dsa-sha256 [XMLDSIG11] | |||
| DSAKeyValue 2000/09/xmldsig#DSAKeyValue [XMLDSIG] | DSAKeyValue 2000/09/xmldsig#DSAKeyValue [XMLDSIG11] | |||
| ECDH-ES 2009/xmlenc11#ECDH-ES [XMLENC] | ECDH-ES 2009/xmlenc11#ECDH-ES [XMLENC11] | |||
| ecdsa-ripemd160 2007/05/xmldsig-more#ecdsa-ripemd160 2.3.6 | ecdsa-ripemd160 2007/05/xmldsig-more#ecdsa-ripemd160 2.3.6 | |||
| ecdsa-sha1 2001/04/xmldsig-more#ecdsa-sha1 2.3.6 | ecdsa-sha1 2001/04/xmldsig-more#ecdsa-sha1 2.3.6 | |||
| ecdsa-sha224 2001/04/xmldsig-more#ecdsa-sha224 2.3.6 | ecdsa-sha224 2001/04/xmldsig-more#ecdsa-sha224 2.3.6 | |||
| ecdsa-sha256 2001/04/xmldsig-more#ecdsa-sha256 2.3.6 | ecdsa-sha256 2001/04/xmldsig-more#ecdsa-sha256 2.3.6 | |||
| ecdsa-sha384 2001/04/xmldsig-more#ecdsa-sha384 2.3.6 | ecdsa-sha384 2001/04/xmldsig-more#ecdsa-sha384 2.3.6 | |||
| ecdsa-sha512 2001/04/xmldsig-more#ecdsa-sha512 2.3.6 | ecdsa-sha512 2001/04/xmldsig-more#ecdsa-sha512 2.3.6 | |||
| ecdsa-whirlpool 2007/05/xmldsig-more#ecdsa-whirlpool 2.3.5 | ecdsa-whirlpool 2007/05/xmldsig-more#ecdsa-whirlpool 2.3.5 | |||
| ecies-kem 2010/xmlsec-ghc#ecies-kem [GENERIC] | ecies-kem 2010/xmlsec-ghc#ecies-kem [GENERIC] | |||
| ECKeyValue 2009/xmldsig11#ECKeyValue [XMLDSIG] | ECKeyValue 2009/xmldsig11#ECKeyValue [XMLDSIG11] | |||
| enveloped-signature 2000/09/xmldsig#enveloped-signature [RFC3275] | enveloped-signature 2000/09/xmldsig#enveloped-signature [RFC3275] | |||
| esign-sha1 2001/04/xmldsig-more#esign-sha1 2.3.7 | esign-sha1 2001/04/xmldsig-more#esign-sha1 2.3.7 | |||
| esign-sha224 2001/04/xmldsig-more#esign-sha224 2.3.7 | esign-sha224 2001/04/xmldsig-more#esign-sha224 2.3.7 | |||
| esign-sha256 2001/04/xmldsig-more#esign-sha256 2.3.7 | esign-sha256 2001/04/xmldsig-more#esign-sha256 2.3.7 | |||
| esign-sha384 2001/04/xmldsig-more#esign-sha384 2.3.7 | esign-sha384 2001/04/xmldsig-more#esign-sha384 2.3.7 | |||
| esign-sha512 2001/04/xmldsig-more#esign-sha512 2.3.7 | esign-sha512 2001/04/xmldsig-more#esign-sha512 2.3.7 | |||
| generic-hybrid 2010/xmlsec-ghc#generic-hybrid [GENERIC] | generic-hybrid 2010/xmlsec-ghc#generic-hybrid [GENERIC] | |||
| hmac-md5 2001/04/xmldsig-more#hmac-md5 2.2.1 | hmac-md5 2001/04/xmldsig-more#hmac-md5 2.2.1 | |||
| hmac-ripemd160 2001/04/xmldsig-more#hmac-ripemd160 2.2.3 | hmac-ripemd160 2001/04/xmldsig-more#hmac-ripemd160 2.2.3 | |||
| hmac-sha1 2000/09/xmldsig#hmac-sha1 [RFC3275] | hmac-sha1 2000/09/xmldsig#hmac-sha1 [RFC3275] | |||
| hmac-sha224 2001/04/xmldsig-more#hmac-sha224 2.2.2 | hmac-sha224 2001/04/xmldsig-more#hmac-sha224 2.2.2 | |||
| hmac-sha256 2001/04/xmldsig-more#hmac-sha256 2.2.2 | hmac-sha256 2001/04/xmldsig-more#hmac-sha256 2.2.2 | |||
| hmac-sha384 2001/04/xmldsig-more#hmac-sha384 2.2.2 | hmac-sha384 2001/04/xmldsig-more#hmac-sha384 2.2.2 | |||
| hmac-sha512 2001/04/xmldsig-more#hmac-sha512 2.2.2 | hmac-sha512 2001/04/xmldsig-more#hmac-sha512 2.2.2 | |||
| KeyName 2001/04/xmldsig-more#KeyName 3.2 | KeyName 2001/04/xmldsig-more#KeyName 3.2 | |||
| KeyValue 2001/04/xmldsig-more#KeyValue 3.2 | KeyValue 2001/04/xmldsig-more#KeyValue 3.2 | |||
| kw-aes128 2001/04/xmlenc#kw-aes128 [XMLENC] | kw-aes128 2001/04/xmlenc#kw-aes128 [XMLENC11] | |||
| kw-aes128-pad 2009/xmlenc11#kw-aes-128-pad [XMLENC] | kw-aes128-pad 2009/xmlenc11#kw-aes-128-pad [XMLENC11] | |||
| kw-aes192 2001/04/xmlenc#kw-aes192 [XMLENC] | kw-aes192 2001/04/xmlenc#kw-aes192 [XMLENC11] | |||
| kw-aes192-pad 2009/xmlenc11#kw-aes-192-pad [XMLENC] | kw-aes192-pad 2009/xmlenc11#kw-aes-192-pad [XMLENC11] | |||
| kw-aes256 2001/04/xmlenc#kw-aes256 [XMLENC] | kw-aes256 2001/04/xmlenc#kw-aes256 [XMLENC11] | |||
| kw-aes256-pad 2009/xmlenc11#kw-aes-256-pad [XMLENC] | kw-aes256-pad 2009/xmlenc11#kw-aes-256-pad [XMLENC11] | |||
| kw-camellia128 2001/04/xmldsig-more#kw-camellia128 2.6.3 | kw-camellia128 2001/04/xmldsig-more#kw-camellia128 2.6.3 | |||
| kw-camellia192 2001/04/xmldsig-more#kw-camellia192 2.6.3 | kw-camellia192 2001/04/xmldsig-more#kw-camellia192 2.6.3 | |||
| kw-camellia256 2001/04/xmldsig-more#kw-camellia256 2.6.3 | kw-camellia256 2001/04/xmldsig-more#kw-camellia256 2.6.3 | |||
| kw-seed128 2007/05/xmldsig-more#kw-seed128 2.6.6 | kw-seed128 2007/05/xmldsig-more#kw-seed128 2.6.6 | |||
| md2-rsa-MGF1 2007/05/xmldsig-more#md2-rsa-MGF1 2.3.10 | md2-rsa-MGF1 2007/05/xmldsig-more#md2-rsa-MGF1 2.3.10 | |||
| md5 2001/04/xmldsig-more#md5 2.1.1 | md5 2001/04/xmldsig-more#md5 2.1.1 | |||
| md5-rsa-MGF1 2007/05/xmldsig-more#md5-rsa-MGF1 2.3.10 | md5-rsa-MGF1 2007/05/xmldsig-more#md5-rsa-MGF1 2.3.10 | |||
| MGF1 2007/05/xmldsig-more#MGF1 2.3.9 | MGF1 2007/05/xmldsig-more#MGF1 2.3.9 | |||
| mgf1sha1 2009/xmlenc11#mgf1sha1 [XMLENC] | mgf1sha1 2009/xmlenc11#mgf1sha1 [XMLENC11] | |||
| mgf1sha224 2009/xmlenc11#mgf1sha224 [XMLENC] | mgf1sha224 2009/xmlenc11#mgf1sha224 [XMLENC11] | |||
| mgf1sha256 2009/xmlenc11#mgf1sha256 [XMLENC] | mgf1sha256 2009/xmlenc11#mgf1sha256 [XMLENC11] | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| mgf1sha384 2009/xmlenc11#mgf1sha384 [XMLENC] | mgf1sha384 2009/xmlenc11#mgf1sha384 [XMLENC11] | |||
| mgf1sha512 2009/xmlenc11#mgf1sha512 [XMLENC] | mgf1sha512 2009/xmlenc11#mgf1sha512 [XMLENC11] | |||
| MgmtData 2000/09/xmldsig#MgmtData [XMLDSIG] | MgmtData 2000/09/xmldsig#MgmtData [XMLDSIG11] | |||
| minimal 2000/09/xmldsig#minimal 2.4 | minimal 2000/09/xmldsig#minimal 2.4 | |||
| pbkdf2 2009/xmlenc11#pbkdf2 [XMLENC] | pbkdf2 2009/xmlenc11#pbkdf2 [XMLENC11] | |||
| PGPData 2000/09/xmldsig#PGPData [XMLDSIG] | PGPData 2000/09/xmldsig#PGPData [XMLDSIG11] | |||
| PKCS7signedData 2001/04/xmldsig-more#PKCS7signedData 3.1 | PKCS7signedData 2001/04/xmldsig-more#PKCS7signedData 3.1 | |||
| PKCS7signedData 2001/04/xmldsig-more#PKCS7signedData 3.2 | PKCS7signedData 2001/04/xmldsig-more#PKCS7signedData 3.2 | |||
| psec-kem 2001/04/xmldsig-more#psec-kem 2.6.4 | psec-kem 2001/04/xmldsig-more#psec-kem 2.6.4 | |||
| rawPGPKeyPacket 2001/04/xmldsig-more#rawPGPKeyPacket 3.2 | rawPGPKeyPacket 2001/04/xmldsig-more#rawPGPKeyPacket 3.2 | |||
| rawPKCS7signedData 2001/04/xmldsig-more#rawPKCS7signedData 3.2 | rawPKCS7signedData 2001/04/xmldsig-more#rawPKCS7signedData 3.2 | |||
| rawSPKISexp 2001/04/xmldsig-more#rawSPKISexp 3.2 | rawSPKISexp 2001/04/xmldsig-more#rawSPKISexp 3.2 | |||
| rawX509Certificate 2000/09/xmldsig#rawX509Certificate [RFC3275] | rawX509Certificate 2000/09/xmldsig#rawX509Certificate [RFC3275] | |||
| rawX509CRL 2001/04/xmldsig-more#rawX509CRL 3.2 | rawX509CRL 2001/04/xmldsig-more#rawX509CRL 3.2 | |||
| RetrievalMethod 2001/04/xmldsig-more#RetrievalMethod 3.2 | RetrievalMethod 2001/04/xmldsig-more#RetrievalMethod 3.2 | |||
| ripemd128-rsa-MGF1 2007/05/xmldsig-more#ripemd128-rsa-MGF1 | ripemd128-rsa-MGF1 2007/05/xmldsig-more#ripemd128-rsa-MGF1 | |||
| 2.3.10 | 2.3.10 | |||
| ripemd160 2001/04/xmlenc#ripemd160 [XMLENC] | ripemd160 2001/04/xmlenc#ripemd160 [XMLENC11] | |||
| ripemd160-rsa-MGF1 2007/05/xmldsig-more#ripemd160-rsa-MGF1 | ripemd160-rsa-MGF1 2007/05/xmldsig-more#ripemd160-rsa-MGF1 | |||
| 2.3.10 | 2.3.10 | |||
| rsa-1_5 2001/04/xmlenc#rsa-1_5 [XMLENC] | rsa-1_5 2001/04/xmlenc#rsa-1_5 [XMLENC11] | |||
| rsa-md5 2001/04/xmldsig-more#rsa-md5 2.3.1 | rsa-md5 2001/04/xmldsig-more#rsa-md5 2.3.1 | |||
| rsa-oaep 2009/xmlenc11#rsa-oaep [XMLENC] | rsa-oaep 2009/xmlenc11#rsa-oaep [XMLENC11] | |||
| rsa-oaep-mgf1p 2001/04/xmlenc#rsa-oaep-mgf1p [XMLENC] | rsa-oaep-mgf1p 2001/04/xmlenc#rsa-oaep-mgf1p [XMLENC11] | |||
| rsa-pss 2007/05/xmldsig-more#rsa-pss 2.3.9 | rsa-pss 2007/05/xmldsig-more#rsa-pss 2.3.9 | |||
| rsa-ripemd160 2001/04/xmldsig-more#rsa-ripemd160 2.3.5 | rsa-ripemd160 2001/04/xmldsig-more#rsa-ripemd160 2.3.5 | |||
| rsa-sha1 2000/09/xmldsig#rsa-sha1 [RFC3275] | rsa-sha1 2000/09/xmldsig#rsa-sha1 [RFC3275] | |||
| rsa-sha224 2007/05/xmldsig-more#rsa-sha224 2.3.11 | rsa-sha224 2007/05/xmldsig-more#rsa-sha224 2.3.11 | |||
| rsa-sha256 2001/04/xmldsig-more#rsa-sha256 2.3.2 | rsa-sha256 2001/04/xmldsig-more#rsa-sha256 2.3.2 | |||
| rsa-sha384 2001/04/xmldsig-more#rsa-sha384 2.3.3 | rsa-sha384 2001/04/xmldsig-more#rsa-sha384 2.3.3 | |||
| rsa-sha512 2001/04/xmldsig-more#rsa-sha512 2.3.4 | rsa-sha512 2001/04/xmldsig-more#rsa-sha512 2.3.4 | |||
| rsa-whirlpool 2007/05/xmldsig-more#rsa-whirlpool 2.3.5 | rsa-whirlpool 2007/05/xmldsig-more#rsa-whirlpool 2.3.5 | |||
| rsaes-kem 2010/xmlsec-ghc#rsaes-kem [GENERIC] | rsaes-kem 2010/xmlsec-ghc#rsaes-kem [GENERIC] | |||
| RSAKeyValue 2000/09/xmldsig#RSAKeyValue [XMLDSIG] | RSAKeyValue 2000/09/xmldsig#RSAKeyValue [XMLDSIG11] | |||
| seed128-cbc 2007/05/xmldsig-more#seed128-cbc 2.6.5 | seed128-cbc 2007/05/xmldsig-more#seed128-cbc 2.6.5 | |||
| sha1 2000/09/xmldsig#sha1 [RFC3275] | sha1 2000/09/xmldsig#sha1 [RFC3275] | |||
| sha1-rsa-MGF1 2007/05/xmldsig-more#sha1-rsa-MGF1 2.3.10 | sha1-rsa-MGF1 2007/05/xmldsig-more#sha1-rsa-MGF1 2.3.10 | |||
| sha224 2001/04/xmldsig-more#sha224 2.1.2 | sha224 2001/04/xmldsig-more#sha224 2.1.2 | |||
| sha224-rsa-MGF1 2007/05/xmldsig-more#sha224-rsa-MGF1 2.3.10 | sha224-rsa-MGF1 2007/05/xmldsig-more#sha224-rsa-MGF1 2.3.10 | |||
| sha256 2001/04/xmlenc#sha256 [XMLENC] | sha256 2001/04/xmlenc#sha256 [XMLENC11] | |||
| sha256-rsa-MGF1 2007/05/xmldsig-more#sha256-rsa-MGF1 2.3.10 | sha256-rsa-MGF1 2007/05/xmldsig-more#sha256-rsa-MGF1 2.3.10 | |||
| sha3-224 2007/05/xmldsig-more#sha3-224 2.1.5 | sha3-224 2007/05/xmldsig-more#sha3-224 2.1.5 | |||
| sha3-224-rsa-MGF1 2007/05/xmldsig-more#sha3-224-rsa-MGF1 2.3.10 | sha3-224-rsa-MGF1 2007/05/xmldsig-more#sha3-224-rsa-MGF1 2.3.10 | |||
| sha3-256 2007/05/xmldsig-more#sha3-256 2.1.5 | sha3-256 2007/05/xmldsig-more#sha3-256 2.1.5 | |||
| sha3-256-rsa-MGF1 2007/05/xmldsig-more#sha3-256-rsa-MGF1 2.3.10 | sha3-256-rsa-MGF1 2007/05/xmldsig-more#sha3-256-rsa-MGF1 2.3.10 | |||
| sha3-384 2007/05/xmldsig-more#sha3-384 2.1.5 | sha3-384 2007/05/xmldsig-more#sha3-384 2.1.5 | |||
| sha3-384-rsa-MGF1 2007/05/xmldsig-more#sha3-384-rsa-MGF1 2.3.10 | sha3-384-rsa-MGF1 2007/05/xmldsig-more#sha3-384-rsa-MGF1 2.3.10 | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| sha3-512 2007/05/xmldsig-more#sha3-512 2.1.5 | sha3-512 2007/05/xmldsig-more#sha3-512 2.1.5 | |||
| sha3-512-rsa-MGF1 2007/05/xmldsig-more#sha3-512-rsa-MGF1 2.3.10 | sha3-512-rsa-MGF1 2007/05/xmldsig-more#sha3-512-rsa-MGF1 2.3.10 | |||
| sha384 2001/04/xmldsig-more#sha384 2.1.3 | sha384 2001/04/xmldsig-more#sha384 2.1.3 | |||
| sha384-rsa-MGF1 2007/05/xmldsig-more#sha384-rsa-MGF1 2.3.10 | sha384-rsa-MGF1 2007/05/xmldsig-more#sha384-rsa-MGF1 2.3.10 | |||
| sha512 2001/04/xmlenc#sha512 [XMLENC] | sha512 2001/04/xmlenc#sha512 [XMLENC11] | |||
| sha512-rsa-MGF1 2007/05/xmldsig-more#sha512-rsa-MGF1 2.3.10 | sha512-rsa-MGF1 2007/05/xmldsig-more#sha512-rsa-MGF1 2.3.10 | |||
| SPKIData 2000/09/xmldsig#SPKIData [XMLDSIG] | SPKIData 2000/09/xmldsig#SPKIData [XMLDSIG11] | |||
| tripledes-cbc 2001/04/xmlenc#tripledes-cbc [XMLENC] | tripledes-cbc 2001/04/xmlenc#tripledes-cbc [XMLENC11] | |||
| whirlpool 2007/05/xmldsig-more#whirlpool 2.1.4 | whirlpool 2007/05/xmldsig-more#whirlpool 2.1.4 | |||
| whirlpool-rsa-MGF1 2007/05/xmldsig-more#whirlpool-rsa-MGF1 | whirlpool-rsa-MGF1 2007/05/xmldsig-more#whirlpool-rsa-MGF1 | |||
| 2.3.10 | 2.3.10 | |||
| WithComments 2006/12/xmlc14n11#WithComments [CANON] | WithComments 2006/12/xmlc14n11#WithComments [CANON11] | |||
| WithComments TR/2001/06/xml-exc-c14n#WithComments | WithComments TR/2001/06/xml-exc-c14n#WithComments | |||
| [XCANON] | [XCANON] | |||
| WithComments TR/2001/REC-xml-c14n-20010315#WithComments | WithComments TR/2001/REC-xml-c14n-20010315#WithComments | |||
| [CANON] | [CANON10] | |||
| X509Data 2000/09/xmldsig#X509Data [XMLDSIG] | X509Data 2000/09/xmldsig#X509Data [XMLDSIG11] | |||
| xptr 2001/04/xmldsig-more#xptr 2.5.1 | xptr 2001/04/xmldsig-more#xptr 2.5.1 | |||
| The initial "http://www.w3.org/" part of the URI is not included | The initial "http://www.w3.org/" part of the URI is not included | |||
| above. | above. | |||
| 4.2 URI Index | 4.2 URI Index | |||
| The initial "http://www.w3.org/" part of the URI is not included | The initial "http://www.w3.org/" part of the URI is not included | |||
| below. | below. | |||
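Review bot: In the name index, the reference update is applied unevenly within the "2000/09/xmldsig#" namespace: PGPData, RSAKeyValue, SPKIData and X509Data move from [XMLDSIG] to [XMLDSIG11], while rawX509Certificate, rsa-sha1 and sha1 still cite [RFC3275]. If the intent is to point every URI in that namespace at the current Recommendation, update those three as well; if [RFC3275] is kept deliberately, say why in the index so the two labels are not read as two different definitions.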
| skipping to change at page 27, line 50 ¶ | skipping to change at page 25, line 50 ¶ | |||
| 2001/04/xmldsig-more#rsa-md5 2.3.1 SignatureMethod | 2001/04/xmldsig-more#rsa-md5 2.3.1 SignatureMethod | |||
| 2001/04/xmldsig-more#rsa-sha256 2.3.2 SignatureMethod | 2001/04/xmldsig-more#rsa-sha256 2.3.2 SignatureMethod | |||
| 2001/04/xmldsig-more#rsa-sha384 2.3.3 SignatureMethod | 2001/04/xmldsig-more#rsa-sha384 2.3.3 SignatureMethod | |||
| 2001/04/xmldsig-more#rsa-sha512 2.3.4 SignatureMethod | 2001/04/xmldsig-more#rsa-sha512 2.3.4 SignatureMethod | |||
| 2001/04/xmldsig-more#rsa-ripemd160 2.3.5 SignatureMethod | 2001/04/xmldsig-more#rsa-ripemd160 2.3.5 SignatureMethod | |||
| 2001/04/xmldsig-more#sha224 2.1.2 DigestAlgorithm | 2001/04/xmldsig-more#sha224 2.1.2 DigestAlgorithm | |||
| 2001/04/xmldsig-more#sha384 2.1.3 DigestAlgorithm | 2001/04/xmldsig-more#sha384 2.1.3 DigestAlgorithm | |||
| 2001/04/xmldsig-more#xptr 2.5.1 Transform | 2001/04/xmldsig-more#xptr 2.5.1 Transform | |||
| 2001/04/xmldsig-more#PKCS7signedData 3.1 KeyInfo child | 2001/04/xmldsig-more#PKCS7signedData 3.1 KeyInfo child | |||
| 2001/04/xmlenc#aes128-cbc [XMLENC] EncryptionMethod | 2001/04/xmlenc#aes128-cbc [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#aes192-cbc [XMLENC] EncryptionMethod | 2001/04/xmlenc#aes192-cbc [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#aes256-cbc [XMLENC] EncryptionMethod | 2001/04/xmlenc#aes256-cbc [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#dh [XMLENC] AgreementMethod | 2001/04/xmlenc#dh [XMLENC11] AgreementMethod | |||
| 2001/04/xmlenc#kw-aes128 [XMLENC] EncryptionMethod | 2001/04/xmlenc#kw-aes128 [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#kw-aes192 [XMLENC] EncryptionMethod | 2001/04/xmlenc#kw-aes192 [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#kw-aes256 [XMLENC] EncryptionMethod | 2001/04/xmlenc#kw-aes256 [XMLENC11] EncryptionMethod | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 2001/04/xmlenc#ripemd160 [XMLENC] DigestAlgorithm | 2001/04/xmlenc#ripemd160 [XMLENC11] DigestAlgorithm | |||
| 2001/04/xmlenc#rsa-1_5 [XMLENC] EncryptionMethod | 2001/04/xmlenc#rsa-1_5 [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#rsa-oaep-mgf1p [XMLENC] EncryptionMethod | 2001/04/xmlenc#rsa-oaep-mgf1p [XMLENC11] EncryptionMethod | |||
| 2001/04/xmlenc#sha256 [XMLENC] DigestAlgorithm | 2001/04/xmlenc#sha256 [XMLENC11] DigestAlgorithm | |||
| 2001/04/xmlenc#sha512 [XMLENC] DigestAlgorithm | 2001/04/xmlenc#sha512 [XMLENC11] DigestAlgorithm | |||
| 2001/04/xmlenc#tripledes-cbc [XMLENC] EncryptionMethod | 2001/04/xmlenc#tripledes-cbc [XMLENC11] EncryptionMethod | |||
| 2002/06/xmldsig-filter2 [XPATH] Transform | 2002/06/xmldsig-filter2 [XPATH] Transform | |||
| 2002/07/decrypt#XML [DECRYPT] Transform | 2002/07/decrypt#XML [DECRYPT] Transform | |||
| 2002/07/decrypt#Binary [DECRYPT] Transform | 2002/07/decrypt#Binary [DECRYPT] Transform | |||
| 2006/12/xmlc12n11# [CANON] Canonicalization | 2006/12/xmlc12n11# [CANON11] Canonicalization | |||
| 2006/12/xmlc14n11#WithComments [CANON] Canonicalization | 2006/12/xmlc14n11#WithComments [CANON11] Canonicalization | |||
| 2007/05/xmldsig-more#ecdsa-ripemd160 2.3.6 SignatureMethod | 2007/05/xmldsig-more#ecdsa-ripemd160 2.3.6 SignatureMethod | |||
| 2007/05/xmldsig-more#ecdsa-whirlpool 2.3.5 SignatureMethod | 2007/05/xmldsig-more#ecdsa-whirlpool 2.3.5 SignatureMethod | |||
| 2007/05/xmldsig-more#kw-seed128 2.6.6 EncryptionMethod | 2007/05/xmldsig-more#kw-seed128 2.6.6 EncryptionMethod | |||
| 2007/05/xmldsig-more#md2-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#md2-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#md5-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#md5-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#MGF1 2.3.9 SignatureMethod | 2007/05/xmldsig-more#MGF1 2.3.9 SignatureMethod | |||
| 2007/05/xmldsig-more#ripemd128-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#ripemd128-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#ripemd160-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#ripemd160-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#rsa-pss 2.3.9 SignatureMethod | 2007/05/xmldsig-more#rsa-pss 2.3.9 SignatureMethod | |||
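Review bot: The Canonicalization entry "2006/12/xmlc12n11#" keeps the spelling "xmlc12n11" in both versions, while the next line and the name index use "2006/12/xmlc14n11#WithComments"; only the reference label was changed on this line. The new Section 5.1 makes Section 4.2 the initial contents of the IANA registry, so correct the URI to "xmlc14n11" before it is copied there: an implementation that matches algorithm URIs by exact string would never match the misspelled form.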
| skipping to change at page 28, line 49 ¶ | skipping to change at page 26, line 49 ¶ | |||
| 2007/05/xmldsig-more#sha3-256 2.1.5 DigestAlgorithm | 2007/05/xmldsig-more#sha3-256 2.1.5 DigestAlgorithm | |||
| 2007/05/xmldsig-more#sha3-256-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#sha3-256-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#sha3-384 2.1.5 DigestAlgorithm | 2007/05/xmldsig-more#sha3-384 2.1.5 DigestAlgorithm | |||
| 2007/05/xmldsig-more#sha3-384-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#sha3-384-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#sha3-512 2.1.5 DigestAlgorithm | 2007/05/xmldsig-more#sha3-512 2.1.5 DigestAlgorithm | |||
| 2007/05/xmldsig-more#sha3-512-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#sha3-512-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#sha384-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#sha384-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#sha512-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#sha512-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2007/05/xmldsig-more#whirlpool 2.1.4 DigestAlgorithm | 2007/05/xmldsig-more#whirlpool 2.1.4 DigestAlgorithm | |||
| 2007/05/xmldsig-more#whirlpool-rsa-MGF1 2.3.10 SignatureMethod | 2007/05/xmldsig-more#whirlpool-rsa-MGF1 2.3.10 SignatureMethod | |||
| 2009/xmlenc11#kw-aes-128-pad [XMLENC] EncryptionMethod | 2009/xmlenc11#kw-aes-128-pad [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#kw-aes-192-pad [XMLENC] EncryptionMethod | 2009/xmlenc11#kw-aes-192-pad [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#kw-aes-256-pad [XMLENC] EncryptionMethod | 2009/xmlenc11#kw-aes-256-pad [XMLENC11] EncryptionMethod | |||
| 2009/xmldsig11#dsa-sha256 [XMLDSIG] SignatureMethod | 2009/xmldsig11#dsa-sha256 [XMLDSIG11] SignatureMethod | |||
| 2009/xmldsig11#ECKeyValue [XMLDSIG] Retrieval type | 2009/xmldsig11#ECKeyValue [XMLDSIG11] Retrieval type | |||
| 2009/xmldsig11#DEREncodedKeyValue [XMLDSIG] Retrieval type | 2009/xmldsig11#DEREncodedKeyValue [XMLDSIG11] Retrieval type | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 2009/xmlenc11#aes128-gcm [XMLENC] EncryptionMethod | 2009/xmlenc11#aes128-gcm [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#aes192-gcm [XMLENC] EncryptionMethod | 2009/xmlenc11#aes192-gcm [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#aes256-gcm [XMLENC] EncryptionMethod | 2009/xmlenc11#aes256-gcm [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#ConcatKDF [XMLENC] EncryptionMethod | 2009/xmlenc11#ConcatKDF [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#mgf1sha1 [XMLENC] SignatureMethod | 2009/xmlenc11#mgf1sha1 [XMLENC11] SignatureMethod | |||
| 2009/xmlenc11#mgf1sha224 [XMLENC] SignatureMethod | 2009/xmlenc11#mgf1sha224 [XMLENC11] SignatureMethod | |||
| 2009/xmlenc11#mgf1sha256 [XMLENC] SignatureMethod | 2009/xmlenc11#mgf1sha256 [XMLENC11] SignatureMethod | |||
| 2009/xmlenc11#mgf1sha384 [XMLENC] SignatureMethod | 2009/xmlenc11#mgf1sha384 [XMLENC11] SignatureMethod | |||
| 2009/xmlenc11#mgf1sha512 [XMLENC] SignatureMethod | 2009/xmlenc11#mgf1sha512 [XMLENC11] SignatureMethod | |||
| 2009/xmlenc11#pbkdf2 [XMLENC] EncryptionMethod | 2009/xmlenc11#pbkdf2 [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#rsa-oaep [XMLENC] EncryptionMethod | 2009/xmlenc11#rsa-oaep [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#ECDH-ES [XMLENC] EncryptionMethod | 2009/xmlenc11#ECDH-ES [XMLENC11] EncryptionMethod | |||
| 2009/xmlenc11#dh-es [XMLENC] EncryptionMethod | 2009/xmlenc11#dh-es [XMLENC11] EncryptionMethod | |||
| 2010/xmlsec-ghc#generic-hybrid [GENERIC] Generic Hybrid | 2010/xmlsec-ghc#generic-hybrid [GENERIC] Generic Hybrid | |||
| 2010/xmlsec-ghc#rsaes-kem [GENERIC] Generic Hybrid | 2010/xmlsec-ghc#rsaes-kem [GENERIC] Generic Hybrid | |||
| 2010/xmlsec-ghc#ecies-kem [GENERIC] Generic Hybrid | 2010/xmlsec-ghc#ecies-kem [GENERIC] Generic Hybrid | |||
| TR/1999/REC-xpath-19991116 [XPATH] Transform | TR/1999/REC-xpath-19991116 [XPATH] Transform | |||
| TR/1999/REC-xslt-19991116 [XSLT] Transform | TR/1999/REC-xslt-19991116 [XSLT] Transform | |||
| TR/2001/06/xml-exc-c14n# [XCANON] Canonicalization | TR/2001/06/xml-exc-c14n# [XCANON] Canonicalization | |||
| TR/2001/06/xml-exc-c14n#WithComments | TR/2001/06/xml-exc-c14n#WithComments | |||
| [XCANON] Canonicalization | [XCANON] Canonicalization | |||
| TR/2001/REC-xml-c14n-20010315 [CANON] Canonicalization | TR/2001/REC-xml-c14n-20010315 [CANON10] Canonicalization | |||
| TR/2001/REC-xml-c14n-20010315#WithComments | TR/2001/REC-xml-c14n-20010315#WithComments | |||
| [CANON] Canonicalization | [CANON10] Canonicalization | |||
| TR/2001/REC-xmlschema-1-20010502 [Schema] Transform | TR/2001/REC-xmlschema-1-20010502 [Schema] Transform | |||
| The initial "http://www.w3.org/" part of the URI is not included | The initial "http://www.w3.org/" part of the URI is not included | |||
| above. | above. | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 5. Allocation Considerations | 5. Allocation Considerations | |||
| W3C and IANA allocation considerations are given below. | W3C and IANA allocation considerations are given below. | |||
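Review bot: The type column is inconsistent for key agreement and derivation entries: "2001/04/xmlenc#dh" is typed AgreementMethod, but "2009/xmlenc11#ECDH-ES" and "2009/xmlenc11#dh-es" are typed EncryptionMethod, as are "#ConcatKDF" and "#pbkdf2", and the "2009/xmlenc11#mgf1sha*" entries are typed SignatureMethod. This revision touches only the reference labels on these lines, but the types become registry data under Section 5.1, so align them, or define the permitted type values, in the same pass.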
| skipping to change at page 30, line 22 ¶ | skipping to change at page 28, line 22 ¶ | |||
| As it is easy for people to construct their own unique URIs [RFC3986] | As it is easy for people to construct their own unique URIs [RFC3986] | |||
| and, if appropriate, to obtain a URI from the W3C, it is not intended | and, if appropriate, to obtain a URI from the W3C, it is not intended | |||
| that any additional "http://www.w3.org/2007/05/xmldsig-more#" URIs be | that any additional "http://www.w3.org/2007/05/xmldsig-more#" URIs be | |||
| created beyond those enumerated in this RFC. (W3C Namespace stability | created beyond those enumerated in this RFC. (W3C Namespace stability | |||
| rules prohibit the creation of new URIs under | rules prohibit the creation of new URIs under | |||
| "http://www.w3.org/2000/09/xmldsig#" and URIs under | "http://www.w3.org/2000/09/xmldsig#" and URIs under | |||
| "http://www.w3.org/2001/04/xmldsig-more#" were frozen with the | "http://www.w3.org/2001/04/xmldsig-more#" were frozen with the | |||
| publication of [RFC4051].) | publication of [RFC4051].) | |||
| An "xmldsig-more" URI does not imply any official W3C status for | An "xmldsig-more" URI does not imply any official W3C or IETF status | |||
| these algorithms or identifiers nor does it imply that they are only | for these algorithms or identifiers nor does it imply that they are | |||
| useful in digital signatures. Currently, dereferencing such URIs may | only useful in digital signatures. Currently, dereferencing such | |||
| or may not produce a temporary placeholder document. Permission to | URIs may or may not produce a temporary placeholder document. | |||
| use these URI prefixes has been given by the W3C. | Permission to use these URI prefixes has been given by the W3C. | |||
| 5.1 IANA Considerations | 5.1 IANA Considerations | |||
| This document requires no IANA actions. | IANA will establish a Registry for "XML Security URIs" with that name | |||
| suggested for the Registry. The initial contents will correspond to | ||||
| Section 4.2 of this document with the numeric section references in | ||||
| the "Sec/Doc" column augmented with references to this RFC (as, for | ||||
| example, "[RFCxxxx], Section 2.6.4"). | ||||
| New entries, including new Types, will be added based on Expert | ||||
| Review [RFC5226]. Criterion for inclusion are (1) documention | ||||
| sufficient for interoperability of the algorithm or data type and the | ||||
| XML syntax for its represetation and use and (2) sufficient | ||||
| importance as normally indicated by inclusion in (2a) an approved W3C | ||||
| Note, Proposed Recommendation, or Recommendation or (2b) an approved | ||||
| IETF standards track document. Typically, the Registry will reference | ||||
| a W3C or IETF document specifying such XML syntax which document in | ||||
| turn references a more abstract description of the algorithm or data | ||||
| type. | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| 6. Security Considerations | 6. Security Considerations | |||
| This RFC is concerned with documenting the URIs that designate | This RFC is concerned with documenting the URIs that designate | |||
| algorithms used in connection with XML security. The security | algorithms and some data types used in connection with XML security. | |||
| considerations vary widely with the particular algorithms and the | The security considerations vary widely with the particular | |||
| general security considerations for XML security are outside of the | algorithms and the general security considerations for XML security | |||
| scope of this document but appear in [XMLDSIG], [XMLENC], [CANON], | are outside of the scope of this document but appear in [XMLDSIG11], | |||
| and [GENERIC]. | [XMLENC11], [CANON10], [CANON11], and [GENERIC]. | |||
| Due to computer speed and cryptographic advances, the use of MD5 as a | [RFC6151] should be consulted before considering the use of MD5 as a | |||
| DigestMethod or in the RSA-MD5 SignatureMethod is NOT RECOMMENDED. | DigestMethod or RSA-MD5 as a SignatureMethod. | |||
| The cryptographic advances concerned do not affect the security of | ||||
| HMAC-MD5; however, there is little reason not to go for one of the | ||||
| SHA series of algorithms. | ||||
| See [RFC6194] for SHA-1 Security Considerations and [RFC6151] for MD5 | See [RFC6194] for SHA-1 Security Considerations and [RFC6151] for MD5 | |||
| Security Considerations. | Security Considerations. | |||
| Additional security considerations are given in connection with the | Additional security considerations are given in connection with the | |||
| description of some algorithms in the body of this document. | description of some algorithms in the body of this document. | |||
| Implementers should be aware that cryptographic algorithms become | ||||
| weaker with time. As new cryptoanalysis techniques are developed and | ||||
| computing performance improves, the work factor to break a particular | ||||
| cryptographic algorithm will reduce. Therefore, cryptographic | ||||
| implementations should be modular allowing new algorithms to be | ||||
| readily inserted. That is, implementers should be prepared for the | ||||
| set of mandatory to implement algorithms to change over time. | ||||
| INTERNET-DRAFT Additional XML Security URIs | ||||
| Acknowledgements | ||||
| The contributions of the following to this document, listed in | ||||
| alphabetic order, are gratefully acknowledged: Benoit Claise, Adrian | ||||
| Farrel, Stephen Farrell, Ernst Giessmann, Frederick Hirsch, Bjoern | ||||
| Hoehrmann, Russ Housley, Satoru Kanno, Charlie Kaufman, Konrad Lanz, | ||||
| Barry Leiba, Subramanian Moonesamy, Peter Lipp, HwanJin Lee, Thomas | ||||
| Roessler, Hanseong Ryu, Peter Saint-Andre, and Sean Turner. | ||||
| The following contributors to [RFC4051], on which this document is | ||||
| based, are gratefully acknowledged: Glenn Adams, Merlin Hughs, Gregor | ||||
| Karlinger, Brian LaMachia, Shiho Moriai, Joseph Reagle, Russ Housley, | ||||
| and Joel Halpern. | ||||
| The document was prepared in raw nroff. All macros used were defined | ||||
| within the source file. | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Appendix A: Changes from RFC 4051 | Appendix A: Changes from RFC 4051 | |||
| The following changes have been made in RFC 4051 to produce this | The following changes have been made in RFC 4051 to produce this | |||
| document. | document. | |||
| 1. Update and add numerous RFC, W3C, and Internet-Draft references. | 1. Update and add numerous RFC, W3C, and Internet-Draft references. | |||
| 2. Add #ecdsa-ripemd160, #whirlpool, #ecdsa-whirlpool, #rsa- | 2. Add #ecdsa-ripemd160, #whirlpool, #ecdsa-whirlpool, #rsa- | |||
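Review bot: In Section 6, the replacement sentence "[RFC6151] should be consulted before considering the use of MD5 as a DigestMethod or RSA-MD5 as a SignatureMethod" sits directly above the unchanged "See [RFC6194] for SHA-1 Security Considerations and [RFC6151] for MD5 Security Considerations", so the section now points at RFC 6151 twice while no longer saying anything about HMAC-MD5, which the removed text covered. Merge the two pointers into one sentence and state whether the HMAC-MD5 remark was dropped on purpose. In the new Section 5.1 text, fix "Criterion for inclusion are", "documention" and "represetation", and in the added Section 6 paragraph fix "cryptoanalysis".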
| skipping to change at page 32, line 39 ¶ | skipping to change at page 31, line 39 ¶ | |||
| #sha1-rsa-MGF1, #sha224-rsa-MGF1, #sha256-rsa-MGF1, #sha384-rsa- | #sha1-rsa-MGF1, #sha224-rsa-MGF1, #sha256-rsa-MGF1, #sha384-rsa- | |||
| MGF1, #sha512-rsa-MGF1, #ripemd128-rsa-MGF1, #ripemd160-rsa-MGF1, | MGF1, #sha512-rsa-MGF1, #ripemd128-rsa-MGF1, #ripemd160-rsa-MGF1, | |||
| and #whirlpool-rsa-MGF1. | and #whirlpool-rsa-MGF1. | |||
| 7. Add new URIs from Canonical XML 1.1 and XML Encryption 1.1 | 7. Add new URIs from Canonical XML 1.1 and XML Encryption 1.1 | |||
| including: #aes128-gcm, #aes192-gcm, #aes256-gc, #ConcatKDF, | including: #aes128-gcm, #aes192-gcm, #aes256-gc, #ConcatKDF, | |||
| #pbkdf, #rsa-oaep, #ECDH-ES, and #dh-es. | #pbkdf, #rsa-oaep, #ECDH-ES, and #dh-es. | |||
| 8. Add padded AES key wrap from [RFC5649]. | 8. Add padded AES key wrap from [RFC5649]. | |||
| 9. Add a section on SHA-256 and SHA-512 whose URIs are specified in | 9. Add acronym subsection. | |||
| [XMLENC]. | ||||
| 10. Add acronym subsection. | ||||
| 11. Add numerous URIs that are specified in W3C XML Security | 10. Add numerous URIs that are specified in W3C XML Security | |||
| documents to the Indexes. These do not have sections in the body | documents to the Indexes. These do not have sections in the body | |||
| of this document. For example those for dsa-sha256, mgf1sha*, | of this document. For example those for dsa-sha256, mgf1sha*, | |||
| decrypt#XML, and xmldsig-filter2. | decrypt#XML, and xmldsig-filter2. | |||
| 11. Establish IANA Registry. | ||||
| 12. Editorial changes. | 12. Editorial changes. | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Appendix Z: Change History | Appendix Z: Change History | |||
| RFC Editor Note: Plese delete this Appendix before publication. | RFC Editor Note: Plese delete this Appendix before publication. | |||
| From -02 to -03 | From -02 to -03 | |||
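Review bot: Item 7 of Appendix A lists "#aes256-gc" and "#pbkdf", but the Section 4 indexes use "#aes256-gcm" and "#pbkdf2"; this revision renumbers the items around it without correcting the fragment names. Fix both so the change list matches the URIs that will be registered, and correct "Plese" in the RFC Editor note in Appendix Z while the text is open.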
| skipping to change at page 35, line 5 ¶ | skipping to change at page 33, line 34 ¶ | |||
| 2. Add references to "XML Signature Properties" and "XML Security | 2. Add references to "XML Signature Properties" and "XML Security | |||
| Algorithm Cross-Reference". | Algorithm Cross-Reference". | |||
| 3. Move Errata reference to Informational Referecnes. | 3. Move Errata reference to Informational Referecnes. | |||
| 4. Split Section 5 into IANA and W3C considerations, move one | 4. Split Section 5 into IANA and W3C considerations, move one | |||
| relevant paragraph down to Section 5 from the first part of Section | relevant paragraph down to Section 5 from the first part of Section | |||
| 2. | 2. | |||
| From -09 to -10 | ||||
| Lots of editorial changes from IESG review including elimination of | ||||
| any implication that listing an algorithm here implies endorsement | ||||
| and any implication that this document changes implementation | ||||
| requirements. Add establishment of IANA Registry. | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Normative References | Normative References | |||
| [10118-3] - "Information technology -- Security techniques -- Hash- | [10118-3] - "Information technology -- Security techniques -- Hash- | |||
| functions -- Part 3: Dedicated hash-functions", ISO/IEC | functions -- Part 3: Dedicated hash-functions", ISO/IEC | |||
| 10118-3, 2004. | 10118-3, 2004. | |||
| [18033-3] - "Information technology -- Security techniques -- | [18033-2] - "Information technology -- Security techniques -- | |||
| Encryption algorithms -- Part 3: Asymmetric ciphers", ISO/IEC | Encryption algorithms -- Part 3: Asymmetric ciphers", ISO/IEC | |||
| 18033-3, 2010. | 18033-2, 2010. | |||
| [Camellia] - "Camellia: A 128-bit Block Cipher Suitable for Multiple | [Camellia] - "Camellia: A 128-bit Block Cipher Suitable for Multiple | |||
| Platforms - Design and Analysis -", K. Aoki, T. Ichikawa, M. | Platforms - Design and Analysis -", K. Aoki, T. Ichikawa, M. | |||
| Matsui, S. Moriai, J. Nakajima, T. Tokita, In Selected Areas in | Matsui, S. Moriai, J. Nakajima, T. Tokita, In Selected Areas in | |||
| Cryptography, 7th Annual International Workshop, SAC 2000, | Cryptography, 7th Annual International Workshop, SAC 2000, | |||
| August 2000, Proceedings, Lecture Notes in Computer Science | August 2000, Proceedings, Lecture Notes in Computer Science | |||
| 2012, pp. 39-56, Springer-Verlag, 2001. | 2012, pp. 39-56, Springer-Verlag, 2001. | |||
| [FIPS180-4] - "Secure Hash Standard (SHS)", United States of | [FIPS180-4] - "Secure Hash Standard (SHS)", United States of | |||
| American, National Institute of Science and Technology, Federal | American, National Institute of Science and Technology, Federal | |||
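Review bot: The ISO reference is relabelled from [18033-3] to [18033-2] and its number changed to "18033-2, 2010", but the title line between them still reads "Part 3: Asymmetric ciphers". Update the part number in the title to match the label, and confirm that the year, carried over unchanged from the old entry, belongs to the part now cited.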
| skipping to change at page 36, line 38 ¶ | skipping to change at page 35, line 38 ¶ | |||
| [RFC4055] - Schaad, J., Kaliski, B., and R. Housley, "Additional | [RFC4055] - Schaad, J., Kaliski, B., and R. Housley, "Additional | |||
| Algorithms and Identifiers for RSA Cryptography for use in the | Algorithms and Identifiers for RSA Cryptography for use in the | |||
| Internet X.509 Public Key Infrastructure Certificate and | Internet X.509 Public Key Infrastructure Certificate and | |||
| Certificate Revocation List (CRL) Profile", RFC 4055, June | Certificate Revocation List (CRL) Profile", RFC 4055, June | |||
| 2005. | 2005. | |||
| [RFC4269] - Lee, H., Lee, S., Yoon, J., Cheon, D., and J. Lee, "The | [RFC4269] - Lee, H., Lee, S., Yoon, J., Cheon, D., and J. Lee, "The | |||
| SEED Encryption Algorithm", RFC 4269, December 2005. | SEED Encryption Algorithm", RFC 4269, December 2005. | |||
| [RFC5226] - Narten, T. and H. Alvestrand, "Guidelines for Writing an | ||||
| IANA Considerations Section in RFCs", BCP 26, RFC 5226, May | ||||
| 2008. | ||||
| [RFC6234] - Eastlake 3rd, D. and T. Hansen, "US Secure Hash | [RFC6234] - Eastlake 3rd, D. and T. Hansen, "US Secure Hash | |||
| Algorithms (SHA and SHA-based HMAC and HKDF)", RFC 6234, May | Algorithms (SHA and SHA-based HMAC and HKDF)", RFC 6234, May | |||
| 2011. | 2011. | |||
| [RIPEMD-160] - ISO/IEC 10118-3:1998, "Information Technology - | [RIPEMD-160] - ISO/IEC 10118-3:1998, "Information Technology - | |||
| Security techniques - Hash-functions - Part3: Dedicated hash- | Security techniques - Hash-functions - Part3: Dedicated hash- | |||
| functions", ISO, 1998. | functions", ISO, 1998. | |||
| [X9.62] - X9.62-200X, "Public Key Cryptography for the Financial | [X9.62] - X9.62-200X, "Public Key Cryptography for the Financial | |||
| Services Industry: The Elliptic Curve Digital Signature | Services Industry: The Elliptic Curve Digital Signature | |||
| Algorithm (ECDSA)", Accredited Standards Committee X9, American | Algorithm (ECDSA)", Accredited Standards Committee X9, American | |||
| National Standards Institute. | National Standards Institute. | |||
| [XMLENC] | [XMLENC10] - "XML Encryption Syntax and Processing", J. Reagle, D. | |||
| - "XML Encryption Syntax and Processing", J. Reagle, D. | ||||
| Eastlake, W3C Recommendation 10 December 2002, | Eastlake, W3C Recommendation 10 December 2002, | |||
| http://www.w3.org/TR/2001/RED-xmlenc-core-20021210/ | ||||
| - "XML Encryption Syntax and Processing Version 1.1", D. | ||||
| Eastlake, J. Reagle, F. Hirsch, T. Roessler, Proposed | ||||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ | ||||
| [XMLENC11] - "XML Encryption Syntax and Processing Version 1.1", D. | ||||
| Eastlake, J. Reagle, F. Hirsch, T. Roessler, Proposed | ||||
| Recommendation 24 January 2013, http://www.w3.org/TR/2013/PR- | Recommendation 24 January 2013, http://www.w3.org/TR/2013/PR- | |||
| xmlenc-core1-20130124/ | xmlenc-core1-20130124/ | |||
| [XPointer] - "XML Pointer Language (XPointer) Version 1.0", W3C | [XPointer] - "XML Pointer Language (XPointer) Version 1.0", W3C | |||
| working draft, Steve DeRose, Eve Maler, Ron Daniel Jr., Paul | working draft, Steve DeRose, Eve Maler, Ron Daniel Jr., Paul | |||
| Grosso, Jonathan Marsh, Norman Walsh, August 2002. | Grosso, Jonathan Marsh, Norman Walsh, August 2002. | |||
| http://www.w3.org/TR/2002/WD-xptr-20020816/ | http://www.w3.org/TR/2002/WD-xptr-20020816/ | |||
| INTERNET-DRAFT Additional XML Security URIs | INTERNET-DRAFT Additional XML Security URIs | |||
| Informational References | Informational References | |||
| [CANON] | [CANON10] - John Boyer. "Canonical XML Version 1.0", 15 March 2001, | |||
| - John Boyer. "Canonical XML Version 1.0", 15 March 2001, | ||||
| http://www.w3.org/TR/2001/REC-xml-c14n-20010315 | http://www.w3.org/TR/2001/REC-xml-c14n-20010315 | |||
| - John Boyer, Glenn Marcy, "Canoncial XML Version 1.1", 2 May | ||||
| 2008, http://www.w3.org/TR/2008/REC-xml-c14n11-20080502/ | [CANON11] - John Boyer, Glenn Marcy, "Canoncial XML Version 1.1", 2 | |||
| May 2008, http://www.w3.org/TR/2008/REC-xml-c14n11-20080502/ | ||||
| [DECRYPT] - Merlin Hughes, Takeshi Imamura, Hiroshi Maruyama, | [DECRYPT] - Merlin Hughes, Takeshi Imamura, Hiroshi Maruyama, | |||
| "Decryption Transform for XML Signature", 10 Decmeber 2002. | "Decryption Transform for XML Signature", 10 Decmeber 2002. | |||
| http://www.w3.org/TR/2002/REC-xmlenc-decrypt-20021210 | http://www.w3.org/TR/2002/REC-xmlenc-decrypt-20021210 | |||
| [Errata191] - RFC Errata, Errata ID 191, RFC 4051, http://www.rfc- | [Errata191] - RFC Errata, Errata ID 191, RFC 4051, http://www.rfc- | |||
| editor.org | editor.org | |||
| [GENERIC] - Magnus Nystrom, Frederick Hirsch, "XML Security Generic | [GENERIC] - Magnus Nystrom, Frederick Hirsch, "XML Security Generic | |||
| Hybrid Ciphers", 24 January 2013, | Hybrid Ciphers", 24 January 2013, | |||
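Review bot: Splitting [XMLENC] into [XMLENC10] and [XMLENC11] leaves [XMLENC10] without a citation in the index lines shown on this page: every "2001/04/xmlenc#" entry now cites [XMLENC11] only. Either cite [XMLENC10] for the URIs that the 2002 Recommendation defines or drop the entry, since an unused normative reference tends to be flagged in review. The entries around the change also still carry "Canoncial" in [CANON11] and "Decmeber" in [DECRYPT].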
| skipping to change at page 39, line 25 ¶ | skipping to change at page 38, line 25 ¶ | |||
| - "XML Schema Part 2: Datatypes Second Edition", P. Biron, A. | - "XML Schema Part 2: Datatypes Second Edition", P. Biron, A. | |||
| Malhotra, W3C Recommendation 28 October 2004, | Malhotra, W3C Recommendation 28 October 2004, | |||
| http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/ | http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/ | |||
| [W3C] - World Wide Web Consortium, <http://www.w3.org>. | [W3C] - World Wide Web Consortium, <http://www.w3.org>. | |||
| [XCANON] - "Exclusive XML Canonicalization Version 1.0", D. | [XCANON] - "Exclusive XML Canonicalization Version 1.0", D. | |||
| Eastlake, J. Reagle, 18 July 2002. | Eastlake, J. Reagle, 18 July 2002. | |||
| http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ | http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ | |||
| [XMLDSIG] - "XML Signature Syntax and Processing (Second Edition)", | [XMLDSIG10] - "XML Signature Syntax and Processing (Second Edition)", | |||
| D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, W3C | D. Eastlake, J. Reagle, D. Solo, F. Hirsch, T. Roessler, W3C | |||
| Recommendation 10 June 2008, http://www.w3.org/TR/2008/REC- | Recommendation 10 June 2008, http://www.w3.org/TR/2008/REC- | |||
| xmldsig-core-20080610/ | xmldsig-core-20080610/ | |||
| - "XML Signature Syntax and Processing Version 1.1", D. | ||||
| [XMLDSIG11] - "XML Signature Syntax and Processing Version 1.1", D. | ||||
| Eastlake, J. Reagle, D. Solo, F. Hirsch, M. Nystrom, T. | Eastlake, J. Reagle, D. Solo, F. Hirsch, M. Nystrom, T. | |||
| Roessler, K. Yiu, Proposed Recommendation 24 January 2013, | Roessler, K. Yiu, Proposed Recommendation 24 January 2013, | |||
| http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/ | http://www.w3.org/TR/2013/PR-xmldsig-core1-20130124/ | |||
| [XMLDSIG-PROP] - "XML Signature Properties", F. Hirsch, Proposed | [XMLDSIG-PROP] - "XML Signature Properties", F. Hirsch, Proposed | |||
| Recommendation 24 January 2013, http://www.w3.org/TR/2013/PR- | Recommendation 24 January 2013, http://www.w3.org/TR/2013/PR- | |||
| xmldsig-properties-20130124/ | xmldsig-properties-20130124/ | |||
| [XMLSECXREF] - "XML Security Algorithm Cross-Reference", F. Hirsch, | [XMLSECXREF] - "XML Security Algorithm Cross-Reference", F. Hirsch, | |||
| T. Roessler, K. Yiu, Working Group Note 24 January 2013, | T. Roessler, K. Yiu, Working Group Note 24 January 2013, | |||
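Review bot: [XMLDSIG10] and [XMLDSIG11] are added under Informational References, while the matching [XMLENC10] and [XMLENC11] split sits under Normative References, although [XMLDSIG11] and [XMLENC11] are used the same way in the Section 4 indexes, as the defining document for their URIs. State which classification is intended and make the two pairs consistent, or explain the difference.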
| End of changes. 110 change blocks. | ||||
| 288 lines changed or deleted | 327 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||