W3C home > Mailing lists > Public > public-xmlsec@w3.org > June 2009

SHA1 based signature algorithms in XML Signature 1.1

From: Thomas Roessler <tlr@w3.org>
Date: Tue, 9 Jun 2009 12:51:13 +0200
Message-Id: <FCF1F175-43B0-4DE1-8C31-0FA8D97BB637@w3.org>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Looking through the algorithms table in the editor's draft:


... I notice that we have ample warning in the section on digest  
algorithms, but less (and different) in the section on signature  


1. HMAC-SHA1 is mandatory to implement, but discouraged to use.
2. DSA-SHA1 is mandatory to implement for verification, and optional  
for signature generation.
3. We do not give any admonishment for RSA-SHA1 (which remains  
recommended),  and for the optional ECDSA-SHA1.

Thomas Roessler, W3C  <tlr@w3.org>
Received on Tuesday, 9 June 2009 10:51:21 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:11 UTC