[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] [XML Signature]SAML profile of XML Signature
I agree that RSA is more prevalent. However, I do not think it is appropriate for us to recommend a signature algorithm. --------------------------- Jahan Moreh Chief Security Architect Sigaba Corp. jmoreh@sigaba.com <mailto:jmoreh@sigaba.com> cell: 310.890.9391 tel: 310.286.3070 >-----Original Message----- >From: Krishna Sankar [mailto:ksankar@cisco.com] >Sent: Wednesday, October 24, 2001 10:32 PM >To: Rich Salz >Cc: oasis sstc >Subject: RE: [security-services] [XML Signature]SAML profile of XML >Signature > > >Rich, > > Appreciate the comments. > > 1. RSA over DSA, do we care ? I mean, isn't it a >function of the security >requirements ? We could, of course, add a statement saying >"The RECOMMENDED >... " Any rationale to be added as a part of the recommendation ? > > 2. C14N w/Comments : My rationale in preserving >the comments was to sign as >much as possible in line with the "What is not signed is not secure" >principle. Come to think of it, may be it does not make any >sense preserving >the comments for signing. I am open to use the C14N without comments. > > 3. Can you please let me know the editorial changes ? > > Once again, thanks for the quick reply > >cheers and have a good night > > | -----Original Message----- > | From: Rich Salz [mailto:rsalz@zolera.com] > | Sent: Wednesday, October 24, 2001 10:22 PM > | To: Krishna Sankar > | Cc: oasis sstc > | Subject: Re: [security-services] [XML Signature]SAML profile of XML > | Signature > | > | > | I'd like to see you recommend RSA and avoid DSA. > | I'd like to know why you recommend preserving comments in C14N. > | > | Other then that -- and a few trivial word edits -- looks okay to me. > | /r$ > | -- > | Zolera Systems, Securing web services (XML, SOAP, Signatures, > | Encryption) > | http://www.zolera.com > | > | ---------------------------------------------------------------- > | To subscribe or unsubscribe from this elist use the subscription > | manager: <http://lists.oasis-open.org/ob/adm.pl> > | > > >---------------------------------------------------------------- >To subscribe or unsubscribe from this elist use the subscription >manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC