- From: Cantor, Scott E. <cantor.2@osu.edu>
- Date: Tue, 21 Dec 2010 15:39:59 +0000
- To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
> We should discuss whether in 2.0 mode the SHA-1 algorithms should be > disallowed, and only allowed in compatibility mode (or not) Red Hat 4's openssl library does not in fact support SHA-2, and is not EOL until February of 2015. Generally people don't upgrade until after the EOL date. So my preference is not to preclude SHA-1 in conjunction with the new signature model, because what we say has zero impact on what people will do with their OS deployments. The effect is to prevent adoption of the new model for some applications, which I think is a net negative. My opinion, anyway. -- Scott
Received on Tuesday, 21 December 2010 15:41:15 UTC