- From: Cantor, Scott <cantor.2@osu.edu>
- Date: Fri, 6 Jul 2012 17:51:33 +0000
- To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>
- CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
On 7/6/12 12:44 PM, "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com> wrote: >Thus I suggest we agree it should be added to the XML Signature 1.1 draft. > >HMAC with 224 is listed in RFC 4051 but not in XML Signature 1.1 or the >XML Security Algorithms Cross-Reference. Since it is in RFC 4051 I >propose it should be added to XML Signature 1.1 and the cross reference, >for consistency with RFC 4051. That would be my opinion. >Neither RFC 4051 nor the "XML Security Algorithms Cross-Reference " have >an algorithm identifier for "RSA with SHA-224". It could be added for >consistency, but the URL should be defined in RFC 4051 (but is not). It >would be very confusing if it were not of the same form. Yeah, I know. I'm kind of stuck, because by the time I took over the Santuario code base, it had been added, and it's been there for several years. Other than deprecating the involved code or just noting it, there isn't much I can do about it at this point, but that's not the WG's problem. >Any other suggestions regarding RSA-SHA224? My only point re: the URLs and the RFC is that the namespace is a W3C namespace. While it might be odd to create one in that form outside 4051, it doesn't really hijack ownership to do so. I suppose the RFC could be rev'd too. Given that I'm stuck, I would be willing to do some work agreed to in this respect. -- Scott
Received on Friday, 6 July 2012 17:52:32 UTC