ST_CryptProv is defined in wml.xsd and in pml-presentation.xsd. In the latter it allows the value "invalid". It is unclear why it is legal to specify an invalid cryptographic provider, and no behaviour is specified if an invalid provider is provided. In addition, in the former, the rsaFull value is described as "Any provider" rather than "RSA Full Encryption Scheme" as it is in the latter.

Remedy: Remove "invalid" as a value. Correct the documentation in the schema.

ST_CryptProv

te

Proposed Disposition of DIS 29500 Comment GB-0628 (Modified: 2008-01-04)

Agreed; this simple type should be defined consistently in both of the password hashing descriptions.

Before providing the proposed disposition, it should be noted that based on multiple national body comments, the current hashing mechanism and all of its attributes will be deprecated in favour of a new mechanism which utilizes only well-accepted hashing algorithms. Accordingly, we will remove this simple type from its current location in the specification (Part 4, §2.18.14, pages 1,699–1,700 and Part 4, §4.8.4, pages 3,167), and place it into a new annex for deprecated features.

Following the precedent set by other ISO standards (such as SQL’s ISO 9075:2003 Part 1 and C++’s ISO/IEC 14882:1998), we will make use of a new Annex that contains normative descriptions of all deprecated features. The intent of this Annex is to enable a transitional period during which existing binary documents being migrated to DIS 29500 can make use of those deprecated features to preserve their fidelity, while noting that new documents should not use them. Accordingly, the Conformance clause will also be changed to state that newly created documents (those not created by migrating existing binary documents) should not use deprecated features. All deprecated features will be removed from their current locations in the standard, but will be fully defined in this new Annex.

Within the deprecated hashing mechanism, the following changes will be made to ensure that, although deprecated, this mechanism is fully defined:

Part 4, §2.18.14, page 1,699, line 20 through page 1,700, line 9:

[Note: Omitting this attribute is logically equivalent to assigning it the value custom. end note]

This simple type’s contents are a restriction of the XML Schema string datatype.

The following are possible enumeration values for this type:

| Enumeration Value | Description |
|---|---|
| custom (Custom Algorithm) | Specifies that a custom algorithm type, specified within the parent element’s algIdExt attribute, generated the hash value. |
| rsaAES (AES Provider) | Specifies that the provider shall support the Advanced Encryption Algorithm standard. |
| rsaFull (Any Provider) | Specifies that any suitable provider shall be used. |

Referenced By: documentProtection@cryptProviderType (§2.15.1.28); writeProtection@cryptProviderType (§2.15.1.94)

The following XML Schema fragment defines the contents of this simple type:

    <simpleType name="ST_CryptProv">
      <restriction base="xsd:string">
        <enumeration value="custom"/>
        <enumeration value="rsaAES"/>
        <enumeration value="rsaFull"/>
      </restriction>
    </simpleType>

Part 4, §4.8.4, page 3,167, lines 15–25:

[Note: Omitting this attribute is logically equivalent to assigning it the value custom. end note]

This simple type’s contents are a restriction of the XML Schema string datatype.

The following are possible enumeration values for this type:

| Enumeration Value | Description |
|---|---|
| custom (Custom Algorithm) [replaces: invalid (Invalid Encryption Scheme)] | Specifies that a custom algorithm scheme, specified within the parent element’s algIdExt attribute, generated the hash value. [replaces: Invalid Encryption scheme provided.] |
| rsaAES (AES Provider) [replaces: (RSA AES Encryption Scheme)] | Specifies that the provider shall support the Advanced Encryption Algorithm standard. |
| rsaFull (Any Provider) [replaces: (RSA Full Encryption Scheme)] | Specifies that any suitable provider shall be used. |

Referenced By: modifyVerifier@cryptProviderType (§4.3.1.17)

The following XML Schema fragment defines the contents of this simple type:

    <simpleType name="ST_CryptProv">
      <restriction base="xsd:string">
        <enumeration value="rsaAES"/>
        <enumeration value="rsaFull"/>
        <enumeration value="custom"/>
      </restriction>
    </simpleType>

[replaces: <enumeration value="invalid"/>]
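Added example (not part of the standard or of the disposition): a Python check of cryptProviderType against the revised ST_CryptProv values, treating an omitted attribute as custom as the note above states. The sample XML, its namespace URI, the algIdExt value and the rule that custom should be accompanied by algIdExt are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Enumeration values of ST_CryptProv after the proposed disposition.
ALLOWED = {"custom", "rsaAES", "rsaFull"}
# Elements the disposition lists under "Referenced By".
CARRIERS = {"documentProtection", "writeProtection", "modifyVerifier"}


def local(name):
    """Strip a '{namespace}' prefix from an ElementTree tag or attribute name."""
    return name.rsplit("}", 1)[-1]


def check_crypt_provider(xml_text):
    """Return (element, effective value, finding) for each carrier element."""
    results = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) not in CARRIERS:
            continue
        attrs = {local(k): v for k, v in el.attrib.items()}
        # Per the note: an omitted attribute is equivalent to "custom".
        value = attrs.get("cryptProviderType", "custom")
        if value not in ALLOWED:
            finding = "not in ST_CryptProv"
        elif value == "custom" and "algIdExt" not in attrs:
            # Assumed rule: "custom" names its algorithm through algIdExt.
            finding = "custom provider without algIdExt"
        else:
            finding = "ok"
        results.append((local(el.tag), value, finding))
    return results


# Constructed sample; namespace URI, wrapper element and algIdExt value
# are placeholders, not taken from the specification.
SAMPLE = """<root xmlns:w="urn:example:constructed">
  <w:documentProtection w:cryptProviderType="rsaFull"/>
  <w:writeProtection w:algIdExt="0000800C"/>
  <modifyVerifier cryptProviderType="invalid"/>
  <w:documentProtection/>
</root>"""

if __name__ == "__main__":
    for row in check_crypt_provider(SAMPLE):
        print(*row, sep="\t")
```

For documents from untrusted sources, parse with a hardened parser such as defusedxml rather than the standard-library ElementTree.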
