[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] [XML Signature]SAML profile of XML Signature
Because: 1. it will give more prominent stature to one algorithm, and 2. it will leave a vacuum in other possible algorithm recommendations (should we recommend RSA with SHA over RSA with MD5, when using SSL, should we recommend cipher suite "abc" over "xyz", etc.) What if three years from now another algorithm (say Elliptic Curve with DSA) became prevalent? Would the version of SAML then recommend EDSA? XML DSIG already has a <SignatureMethod> that identifies the algorithm. That is sufficient for the verifier to determine what needs to be done to verify. Thanks, Jahan --------------------------- Jahan Moreh Chief Security Architect Sigaba Corp. jmoreh@sigaba.com <mailto:jmoreh@sigaba.com> cell: 310.890.9391 tel: 310.286.3070 >-----Original Message----- >From: rsalz@zolera.com [mailto:rsalz@zolera.com] >Sent: Thursday, October 25, 2001 9:29 AM >To: jmoreh@sigaba.com >Subject: Re: [security-services] [XML Signature]SAML profile of XML >Signature > > >why is it not appropriate to recommend a signature algorithm? >-- >Zolera Systems, Your Key to Online Integrity >Securing Web services: XML, SOAP, Dig-sig, Encryption >http://www.zolera.com > >---------------------------------------------------------------- >To subscribe or unsubscribe from this elist use the subscription >manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC