Uploaded image for project: 'OASIS Open Document Format for Office Applications (OpenDocument) TC'
  1. OASIS Open Document Format for Office Applications (OpenDocument) TC
  2. OFFICE-2725

ODF 1.2 Part 3 section 4.8.9 manifest:key-derivation-name incorrect extensibility

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Applied
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: ODF 1.2 CD 05
    • Fix Version/s: ODF 1.2 CD 06
    • Component/s: Packaging, Part 2 (Packages) [1.2: 3], Security
    • Labels:
      None
    • Environment:

      This issue applies in previous drafts of ODF 1.2 Part 3. The present issue refers to the precise text of ODF 1.2 CD05 Part 3.

    • Proposal:
      Hide

      Delete the last two bullet-list items at the beginning of 4.8.9, the one beginning with "An IRI listed in ..." and the other beginning with "The IRI of an alternative algorithm ... ."

      Show
      Delete the last two bullet-list items at the beginning of 4.8.9, the one beginning with "An IRI listed in ..." and the other beginning with "The IRI of an alternative algorithm ... ."
    • Resolution:
      Hide

      1. In section 4.8.9, delete the third list item, the one beginning "An IRI listed in §5.7 of [xmlenc-core] ... ."

      2. In section 4.8.9 replace the first sentence of the last list item, changing
      """
      The IRI of an alternative algorithm as specified in §5.1 of [xmlenc-core]."
      """
      to
      """
      The IRI of an implementation-defined alternative algorithm.
      """

      Show
      1. In section 4.8.9, delete the third list item, the one beginning "An IRI listed in §5.7 of [xmlenc-core] ... ." 2. In section 4.8.9 replace the first sentence of the last list item, changing """ The IRI of an alternative algorithm as specified in §5.1 of [xmlenc-core] ." """ to """ The IRI of an implementation-defined alternative algorithm. """

      Description

      In 4.8.9 manifest:key-derivation-name, the 4-point list after the second paragraph makes reference to section 5.7 of [xmlenc-core] and section 5.1 of [xmlenc-core] as sources of alternative key-derivation algorithms.

      However, there are no key-derivation algorithms specified in section 5.7. Section 5.7 of [xmlenc-core] is a list of digest algorithms, none of which provide iterative password-based key derivation functions.

      Furthermore, section 5.1 of [xmlenc-core] does not list key-derivation functions as anything that is addressed in [xmlenc-core] and it provides no extensibility on that subject.

      In addition, [xmlenc-core] does not identify nor discuss HMAC functions of any kind. The only message authentication method referenced in [xmlenc-core] is xml digital signature.

        Attachments

          Activity

            People

            • Assignee:
              orcmid Dennis Hamilton (Inactive)
              Reporter:
              orcmid Dennis Hamilton (Inactive)
            • Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: