W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2008

Principles for requirements document

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Mon, 11 Aug 2008 11:07:16 -0400
Message-Id: <73FEEDDD-9AC3-49C4-AEF9-C5C61F56B384@nokia.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
To: XMLSec WG XMLSec W3C <public-xmlsec@w3.org>

During the F2F we discussed principles from the original XML  
Signature requirements document and in my presentation I outlined  
possible principles for the requirements document going forward.

At the F2F we agreed that we should have a  list of principles that  
should be followed.


Do we agree on these principles, do we need changes or additions? I  
updated #6 to reflect our desire to minimize dependencies.

1. Be Consistent with the Web Architecture

2. Be XML and XML Namespace compatible

3. XML Signatures are 1st class objects

4. Design for security and mitigating attacks

5. Enable extensibility where necessary but simplicity and reduced  
optionality by default

6. Re-use existing standards where possible but minimize dependencies  
on other standards as much as possible.

7. Donít break backward compatibility unnecessarily

8.  Manage versioning and interoperability - clearly call out  
compatibility issues

9. Acknowledge processing models with different software components/ 

If someone would like to propose text to describe these further that  
would be useful.


regards, Frederick

Frederick Hirsch
Received on Monday, 11 August 2008 15:13:34 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:09 UTC