OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [security-services] [XML Signature]SAML profile of XML Signature

I actually don't care whether a particular crypto-suite is recommended
or not. I will explain that when one standard profiles another, the
first one usually recommends a subset of the second one's choices, in
order to encourage interoperability.

XMLDSIG requires DHA1/DSA and recommends SHA1/RSA.  From an interop
viewpoint that is completely braindead.  How many people do you know
with DSA certs? :)

If times changes and a better crypto mech becomes widespread, then we
can revise the profile.

Again, I don't care, I'm just explaining why it's usually done.
Zolera Systems, Your Key to Online Integrity
Securing Web services: XML, SOAP, Dig-sig, Encryption

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC