W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2011

Re: Update to XML Signature 1.1 Editors Draft to reference Best Practices

From: Marcos Caceres <marcosscaceres@gmail.com>
Date: Mon, 1 Aug 2011 22:41:00 +0200
Message-ID: <CAL1nonKpdPygT4TEYNz_ZWryAOT8XUdOhRLXdmE0VF6MPBP05A@mail.gmail.com>
To: Frederick Hirsch <frederick.hirsch@nokia.com>
Cc: XMLSec WG Public List <public-xmlsec@w3.org>
On Fri, Jul 29, 2011 at 8:41 PM, Frederick Hirsch
<frederick.hirsch@nokia.com> wrote:
> I have updated the XML Signature 1.1 Editors Draft to reference Best Practices in the Introduction, to address LC-2507.
>
> http://www.w3.org/2006/02/lc-comments-tracker/42458/WD-xmldsig-core2-20110421/2507
>
> Please review the change and indicate if any concern. If no concern is expressed on the public list by 8 August I will assume the change is ok, however positive feedback  (+1 to the change) is preferred.
>
> The text in question is the last paragraph of the Introduction (section 1) and the corresponding reference:
>
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-Introduction
>
> After this step is complete I'll do the formal steps to close the LC-2507.
>

Thanks for adding this. However, the single sentence contains too many
ideas... how about changing it to:

The Working Group encourages implementers and developers to read
<cite>XML Signature Best Practices</cite> [XMLDSIG-BESTPRACTICES]. It
contains a number of best practices related to the use of XML
Signature, including implementation considerations and practical ways
of improving security.

-- 
Marcos Caceres
http://datadriven.com.au
Received on Monday, 1 August 2011 20:41:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:16 UTC