- From: Joseph Reagle <reagle@w3.org>
- Date: Mon, 21 Oct 2002 14:22:35 -0400
- To: XML Signature <w3c-ietf-xmldsig@w3.org>
- Cc: chairs@w3.org, FIPS186@nist.gov
Someone recently pointed out to me that the W3C XML Signature Recommendation contains the following references, which contains a location that no longer works: DSS FIPS PUB 186-2 . Digital Signature Standard (DSS). U.S. Department of Commerce/National Institute of Standards and Technology. http://csrc.nist.gov/publications/fips/fips186-2/fips186-2.pdf It appears that in October 2001 FIPS186-2 was updated with an appendix that contains some constraints and recommendations with respect to security concerns: http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf However, the XML Signature Recommendation was published in February of 2002. I know the original link worked at that time. I don't know when the original specification was removed, what NIST's obsoletion/deprecation/revision policy is, nor what the removal means except that we now have a bad reference. What do people think? Should we: 1. Ask NIST to maintain the URI, but update it saying that that version is obsoleted by a new revision? 2. Let it be? 3.. Add an erratum to our own specification? -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Monday, 21 October 2002 14:23:07 UTC