OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] [XML Signature]SAML profile of XML Signature

Richard - 
I appreciate the explanation and understand your position. 

Jahan Moreh
Chief Security Architect
Sigaba Corp.
jmoreh@sigaba.com <mailto:jmoreh@sigaba.com> 
cell: 310.890.9391
tel: 310.286.3070

>-----Original Message-----
>From: rsalz@zolera.com [mailto:rsalz@zolera.com]
>Sent: Thursday, October 25, 2001 10:20 AM
>To: jmoreh@sigaba.com
>Cc: 'Krishna Sankar'; 'oasis sstc'
>Subject: Re: [security-services] [XML Signature]SAML profile of XML
>I actually don't care whether a particular crypto-suite is recommended
>or not. I will explain that when one standard profiles another, the
>first one usually recommends a subset of the second one's choices, in
>order to encourage interoperability.
>XMLDSIG requires DHA1/DSA and recommends SHA1/RSA.  From an interop
>viewpoint that is completely braindead.  How many people do you know
>with DSA certs? :)
>If times changes and a better crypto mech becomes widespread, then we
>can revise the profile.
>Again, I don't care, I'm just explaining why it's usually done.
>	/r$
>Zolera Systems, Your Key to Online Integrity
>Securing Web services: XML, SOAP, Dig-sig, Encryption

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC