W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2012

Re: Add RSA-SHA224 to XML Signature 1.1 or not?

From: Cantor, Scott <cantor.2@osu.edu>
Date: Fri, 13 Jul 2012 18:49:23 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <BA63CEAE152A7742B854C678D949138330A321A2@CIO-KRC-D1MBX01.osuad.osu.edu>
On 7/13/12 2:37 PM, "Frederick.Hirsch@nokia.com"
<Frederick.Hirsch@nokia.com> wrote:

>Note I did *not* add RSA-SHA224 to the XML Signature 1.1 or 2.0 specs as
>we do not yet have a normative RFC reference (RFC 4051).
>
>Should I add it now?  My inclination is not to add it as we do not have a
>suitable reference and there is no pressing need, yet I would like after
>the next LC/CR to be done, so maybe we should add it. What is the opinion
>of the WG?

If I have a vote, it's to add it, because of the historical bug I
inherited.

>By the way, Donald has this on his list of items for the RFC 4051 update,
>but the timing of that might be out of sync with our schedule.

Nevertheless, those URLs are not IETF-owned, they're W3C's. If it's his
intention to do so, my strong preference would be that we get it done now.
If OTOH it wasn't even planned to ever define it, then I understand not
doing so.

-- Scott
Received on Friday, 13 July 2012 18:49:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 13 July 2012 18:49:55 GMT