W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

proposed editor's note on mandatory to implement algorithms (ACTION-214)

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 18 Feb 2009 00:20:37 +0100
Message-Id: <363147A6-DDF6-4E0A-B912-F8928EA90CC8@w3.org>
To: Rob Miller <rdmiller@mitre.org>, Brian LaMacchia <bal@exchange.microsoft.com>, Chris Solc <csolc@adobe.com>, Kenneth M Graf <kenneth.m.graf@intel.com>
Cc: XMLSec WG Public List <public-xmlsec@w3.org>
Here's a proposal for an editor's note that can be added to the  
Encryption 1.1 and Signature 1.1 WDs (in Signature this should go into  
the beginning of section 6; haven't looked where it best fits into  
Encryption), with an additional pointer in the status of the document:

> There is currently no consensus on mandatory to implement  
> algorithms; the current draft text represents one possible outcome.   
> Positions of Working Group members include:

For Signature:

> 1. RSA and DSA are acceptable as a mandatory to implement signature  
> algorithms.  Given limited support in parts of the industry,  
> elliptic curve DSA is not acceptable as a mandatory to implement  
> algorithm, and might lead to lack of implementation of this version  
> of the specification.

For Encryption:

> 1. Given limited support in parts of the industry, Elliptic Curve  
> Diffie-Hellman Key Agreement is not acceptable as a mandatory to  
> implement algorithm in this specification, and might lead to lack of  
> implementation of this version of the specification.

Then, for both specs:

> 2. Going forward, this specification needs to have credible  
> algorithm agility, both for hash and public-key algorithms.   
> Therefore, there should be two mandatory to implement public-key  
> algorithms from different families.  At this time, elliptic curve  
> based algorithms are the only credible contenders.  They have the  
> additional benefit of providing a reasonable balance between key  
> sizes and security level, which is, e.g., not the case for RSA.

Signature only:

> As profiles built on top of XML Signature that currently rely on DSA- 
> SHA1 or RSA-SHA1 as the only supported signature algorithm will need  
> to be updated in the future, the Signature core specification should  
> outline a clear way forward in terms of choice of algorithms.  This  
> choice should be Elliptic Curve DSA.

Both:

> 3. There should be recommended algorithms, but no mandatory to  
> implement algorithms.  On certain constrained devices, only a single  
> algorithm might be implemented at a given time, but there may be  
> updatte mechanisms in place that enable algorithm agility in  
> deployments.

> The Working Group welcomes further community input and comment on  
> this issue.


Rob, Brian, Chris, Ken -- please let me know whether this describes  
your positions in reasonable accuracy, and feel free to suggest finer  
word-smithing.
--
Thomas Roessler, W3C  <tlr@w3.org>
Received on Tuesday, 17 February 2009 23:20:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT