W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2008

Changing Signature algorithm implementation requirements

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Wed, 23 Jul 2008 12:47:45 -0400
Message-Id: <063451F1-30EC-47A4-8D9F-0E58F1F24DF2@nokia.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
To: public-xmlsec@w3.org

XML Signature (1st and 2nd editions) have a list of mandatory and  
recommended algorithms in the implementation requirements section.

http://www.w3.org/TR/2008/PER-xmldsig-core-20080326/#sec-AlgID

I'd like us to discuss whether we should change this list going  
forward as follows (independent of other more significant changes for  
now):

1.  Signature:
Change DSAwithSHA1 (DSS) from Required to Recommended
Change RSAwithSHA1 from Recommended to Required

Given the change in RSAwithSHA1 licensing status this change might  
better reflect implementations.

2. Canonicalization:

Change  Canonical XML 1.0(omits comments) from Required to Deprecated
Change  Canonical XML 1.0 with  comments) from Recommended to Deprecated

Given the issues with xml:id and xml:base, we may want to discourage  
use of Canonical XML 1.0 in the future.

regards, Frederick

Frederick Hirsch
Nokia
Received on Wednesday, 23 July 2008 16:48:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT