W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2011

Call for Consensus - publish update to XML Signature Best Practices

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Fri, 29 Jul 2011 14:36:01 -0400
Message-Id: <AAE3BAE6-00A7-4DE6-87DA-40B02A3370B0@nokia.com>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, Marcos Caceres <marcos.caceres@wacapps.net>
To: XMLSec WG Public List <public-xmlsec@w3.org>
This is a Call for Consensus to publish an update to the XML Signature Best Practices document, using the latest editors draft at


The last publication was 31 August 2010.

Changes since then include 

1. Addition of  section 2.1.4 with best practice "Avoid using the "descendant", "descendant-or-self", "following-sibling", and "following" axes when using streaming XPaths." and   example: "XPath selection that causes denial of service in streaming mode"

2. Addition  of summary of Best Practices section (section 3)

3. Update references

4. Internal updates to use new ReSpec standard mechanisms, some internal (not visible) cleanup.

I suggest we get this published so that the published version reflects our latest stable version, as it has been a year since the last publication. Also, when we share an update to XML Signature 1.1 that references the Best Practices we should be sure it references the latest.

I suggest we publish on 9 August unless we hear any concern before 2 August (this coming Tuesday).

Please indicate support or concern on the public list. Silence will be assumed to be consent, but clear support for publication is preferred.


regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Friday, 29 July 2011 19:52:10 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:16 UTC