- From: Thomas Roessler <tlr@w3.org>
- Date: Tue, 24 Feb 2009 21:40:45 +0100
- To: XMLSec WG Public List <public-xmlsec@w3.org>
During discussion on the call today, Magnus noted that we have a bit of a mess in the forthcoming FPWD for XML Encryption: - Two key agreement algorithms are defined, Diffie-Hellman and EC D- H. DH is optional (as it has always been), EC D-H is mandatory to implement. - However, there is no mandatory to implement curve for EC D-H. The result is that (a) our *only* mandatory to implement algorithm is currently ECDH, (b) that still doesn't give us interoperability since we don't have an agreed curve, (c) the entire feature (which was optional before) now turns mandatory to implement. I'm curious whether anybody here recalls why DH wasn't made mandatory in the original version of XML Encryption, and also wonder whether we shouldn't really have both key agreement algorithms as REQUIRED if ECDH is. Thoughts? -- Thomas Roessler, W3C <tlr@w3.org>
Received on Tuesday, 24 February 2009 20:40:55 UTC