- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Mon, 1 Aug 2011 22:21:10 +0200
- To: Frederick Hirsch <frederick.hirsch@nokia.com>
- Cc: XMLSec WG Public List <public-xmlsec@w3.org>
On Fri, Jul 29, 2011 at 8:36 PM, Frederick Hirsch <frederick.hirsch@nokia.com> wrote: > This is a Call for Consensus to publish an update to the XML Signature Best Practices document, using the latest editors draft at > > http://www.w3.org/2008/xmlsec/Drafts/best-practices/Overview.html > > The last publication was 31 August 2010. > > Changes since then include > > 1. Addition of section 2.1.4 with best practice "Avoid using the "descendant", "descendant-or-self", "following-sibling", and "following" axes when using streaming XPaths." and example: "XPath selection that causes denial of service in streaming mode" > > 2. Addition of summary of Best Practices section (section 3) > > 3. Update references > > 4. Internal updates to use new ReSpec standard mechanisms, some internal (not visible) cleanup. > > I suggest we get this published so that the published version reflects our latest stable version, as it has been a year since the last publication. Also, when we share an update to XML Signature 1.1 that references the Best Practices we should be sure it references the latest. > > I suggest we publish on 9 August unless we hear any concern before 2 August (this coming Tuesday). > > Please indicate support or concern on the public list. Silence will be assumed to be consent, but clear support for publication is preferred. > I support publication. Thanks to the XMLSec WG for continuing to work on this document! -- Marcos Caceres http://datadriven.com.au
Received on Monday, 1 August 2011 20:21:56 UTC