[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] question on DSAwithSHA1 algorithm
> The other question which arose in the last Liberty interop test was about > the signature algorithm DSAwithSHA1. Section 4.1 of SAMLConf states that > DSAwithSHA1 is recommended but not required in SAML 2.0. However, it is > mandated for XML signature. One participant could not support DSAwithSHA1 so > we had to require all signatures to be with RSAwithSHA1. Well, just because XMLSig requires something doesn't mean SAML has to. It means we *could* without burdening people too much, but that's about it. > Our question is one of background on this issue. Why was DSAwithSHA1 support > not required in SAML despite the XMLSig mandate? And, are these requirements > still necessary going forward. Thanks. I have no memory of it specifically, maybe somebody else does. I suspect it was just a general sense that requiring something without a good reason was a bad thing. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]