- From: Joseph Reagle <reagle@w3.org>
- Date: Wed, 10 Apr 2002 14:49:12 -0400
- To: Jiandong Guo <jguo@phaos.com>, xml-encryption@w3.org
On Wednesday 10 April 2002 13:55, Jiandong Guo wrote: > The DiggestMethod child in the element AgreementMethod is optional. > Since it is necessary to > have a digest method specified to compute the shared secret, should we > also set the default to be SHA1 if > not provided? This is in parallel with what has been done for RSA-OAEP. I was going to raise this issue myself (given I owe your a response on the identifier issue) but in the opposite direction: I do not like the optional SHA1 proposed in the RSA-OAEP text since the Candidate REC. At the start of xmldsig we made a, IMHO well founded, decision not to rely upon implicit options, or default syntax in the schema DTD. We erred on the side of explicitness: if a bit of syntax wasn't there, then the meaning was known to the applications or to no one at all. We could do assign an default semantic to nearly every bit of syntax, but for better or worse, xmldsig and xenc went the explicit route and I don't want to start creating exceptions now. -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/
Received on Wednesday, 10 April 2002 14:50:16 UTC