W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2008

Changing Signature algorithm implementation requirements

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Wed, 23 Jul 2008 12:47:45 -0400
Message-Id: <063451F1-30EC-47A4-8D9F-0E58F1F24DF2@nokia.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
To: public-xmlsec@w3.org

XML Signature (1st and 2nd editions) have a list of mandatory and  
recommended algorithms in the implementation requirements section.


I'd like us to discuss whether we should change this list going  
forward as follows (independent of other more significant changes for  

1.  Signature:
Change DSAwithSHA1 (DSS) from Required to Recommended
Change RSAwithSHA1 from Recommended to Required

Given the change in RSAwithSHA1 licensing status this change might  
better reflect implementations.

2. Canonicalization:

Change  Canonical XML 1.0(omits comments) from Required to Deprecated
Change  Canonical XML 1.0 with  comments) from Recommended to Deprecated

Given the issues with xml:id and xml:base, we may want to discourage  
use of Canonical XML 1.0 in the future.

regards, Frederick

Frederick Hirsch
Received on Wednesday, 23 July 2008 16:48:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:09 UTC