- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 18 Feb 2009 00:41:33 +0100
- To: Frederick Hirsch <frederick.hirsch@nokia.com>
- Cc: Rob Miller <rdmiller@mitre.org>, Brian LaMacchia <bal@exchange.microsoft.com>, Chris Solc <csolc@adobe.com>, Kenneth M Graf <kenneth.m.graf@intel.com>, XMLSec WG Public List <public-xmlsec@w3.org>
On 18 Feb 2009, at 00:37, Frederick Hirsch wrote: > I suggest the following change to your proposed editors note: > > (a) Change "Positions of Working Group members include:" to > "Positions of some Working Group members against the currently > expressed mandatory algorithms include:" Fine with me; however, in that case, (2) would move into a separate section "in favor". > > (b) For #2 suggest changing > "both for hash and public-key algorithms." to "both for hash and > public-key algorithms, in the event one is proven insecure, to > enable a quick change to an alternative." > > (c) in #2 Remove ", which is, e.g., not the case for RSA." > > (d) change #3 to: > > 3. There should be recommended algorithms, but no mandatory to > implement algorithms. The rationale is that this gives greater > flexibility to deployments. works for me; I'd like to hear Ken's take. > (Other WG members argued against this since it could harm > interoperability not having mandatory algorithms.) We're not descending into the back-and-forth about the other arguments, either, so I'd rather leave this out. (In particular since I suspect that the counter-argument -- and the counter-counter- argument -- are well understood by much of the audience.)
Received on Tuesday, 17 February 2009 23:45:50 UTC