ST_AlgType is defined in wml.xsd and in pml-presentation.xsd. In the former, it allows value typeAny. In the latter, it allows values typeAny and invalid. It is unclear why it is legal to specify an invalid algorithm, and no behaviour is specified if an invalid algorithm is provided.
Remedy: Rationalize on the former
ST_AlgType
te
Proposed Disposition of DIS 29500 Comment GB-0624 (Modified: 2008-01-04)

Agreed; this simple type should be defined consistently in both of the password hashing descriptions.

Before providing the proposed disposition, it should be noted that based on multiple national body comments, the current hashing mechanism and all of its attributes will be deprecated in favor of a new mechanism which utilizes only well-accepted hashing algorithms. Accordingly, we will remove this simple type from its current location in the specification (Part 4, §2.18.2, pages 1,630-1,631 and Part 4, §4.8.2, pages 3,166-3,167), and place them into a new annex for deprecated features.

Following the precedent set by other ISO standards (such as SQL’s ISO 9075:2003 Part 1 and C++’s ISO/IEC 14882:1998), we will make use of a new Annex that contains normative descriptions of all deprecated features. The intent of this Annex is to enable a transitional period during which existing binary documents being migrated to DIS 29500 can make use of those deprecated features to preserve their fidelity, while noting that new documents should not use them. Accordingly, the Conformance clause will also be changed to state that newly created documents (those not created by migrating existing binary documents) should not use deprecated features. All deprecated features will be removed from their current locations in the standard, but will be fully defined in this new Annex.

Within the deprecated hashing mechanism, the following changes will be made to ensure that, although deprecated, this mechanism is fully defined:

Part 4, §2.18.2, page 1,630, lines 917:

[Note: Omitting this attribute is logically equivalent to assigning it the value custom. end note]

This simple type’s contents are a restriction of the XML Schema string datatype.
The following are possible enumeration values for this type:

| Enumeration Value | Description |
| --- | --- |
| custom (Custom Algorithm) | Specifies that a custom algorithm type, specified within the parent element’s algIdExt attribute, generated the hash value. |
| typeAny (Any Predefined Type) | Specifies that one of the predefined cryptographic algorithms, specified by the parent element’s cryptAlgorithmSid attribute, generated the hash value. |

Referenced By: documentProtection@cryptAlgorithmType (§2.15.1.28); writeProtection@cryptAlgorithmType (§2.15.1.94)

The following XML Schema fragment defines the contents of this simple type:

    <simpleType name="ST_AlgType">
      <restriction base="xsd:string">
        <enumeration value="typeAny"/>
        <enumeration value="custom"/>
      </restriction>
    </simpleType>

Part 4, §4.8.2, page 3,166, lines 717:

[Note: Omitting this attribute is logically equivalent to assigning it the value custom. end note]

This simple type’s contents are a restriction of the XML Schema string datatype.

The following are possible enumeration values for this type:

| Enumeration Value | Description |
| --- | --- |
| custom (Custom Algorithm Type) | Specifies that a custom algorithm type, specified within the parent element’s algIdExt attribute, generated the hash value. |
| typeAny (Any Predefined Algorithm Type) | Specifies that one of the predefined cryptographic algorithms, specified by the parent element’s cryptAlgorithmSid attribute, generated the hash value. |

Referenced By: modifyVerifier@cryptAlgorithmType (§4.3.1.17)

The following XML Schema fragment defines the contents of this simple type:

    <simpleType name="ST_AlgType">
      <restriction base="xsd:string">
        <enumeration value="typeAny"/>
        <enumeration value="custom"/>
      </restriction>
    </simpleType>
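The following check is an added example, not text from DIS 29500 or from the disposition. It audits the three elements listed under "Referenced By" against the harmonized ST_AlgType, applying the rule from the note that an omitted cryptAlgorithmType means custom. The sample markup, the wrapper element, the attribute values and the "missing companion attribute" finding are assumptions made for illustration; the latter is a consistency check derived from the enumeration descriptions, not a schema constraint.

```python
import xml.etree.ElementTree as ET

# Elements the page lists under "Referenced By" for ST_AlgType.
PARENTS = {"documentProtection", "writeProtection", "modifyVerifier"}
ALLOWED = {"typeAny", "custom"}  # harmonized enumeration (no "invalid")
# Attribute that, per the descriptions, names the algorithm for each value.
# Treating its absence as a finding is an assumption of this example.
REQUIRES = {"typeAny": "cryptAlgorithmSid", "custom": "algIdExt"}

# Constructed sample: wrapper element and attribute values are made up.
SAMPLE = """<root
  xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"
  xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main">
  <w:documentProtection w:cryptAlgorithmType="typeAny" w:cryptAlgorithmSid="4"/>
  <w:writeProtection w:algIdExt="00000001"/>
  <p:modifyVerifier cryptAlgorithmType="invalid" cryptAlgorithmSid="4"/>
  <p:modifyVerifier cryptAlgorithmType="typeAny"/>
</root>"""


def local(name):
    """Drop a '{namespace}' prefix so wml and pml markup are handled alike."""
    return name.rsplit("}", 1)[-1]


def check_alg_type(xml_text):
    """Return (element, effective value, problem or None) per parent element."""
    findings = []
    # For untrusted files, use a parser hardened against entity expansion.
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) not in PARENTS:
            continue
        attrs = {local(k): v for k, v in el.attrib.items()}
        # Per the note: omitting the attribute is equivalent to "custom".
        value = attrs.get("cryptAlgorithmType", "custom")
        if value not in ALLOWED:
            problem = "value not in ST_AlgType enumeration"
        elif REQUIRES[value] not in attrs:
            problem = "missing " + REQUIRES[value]
        else:
            problem = None
        findings.append((local(el.tag), value, problem))
    return findings


if __name__ == "__main__":
    for finding in check_alg_type(SAMPLE):
        print(finding)
```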
