OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] FW: New specs: Exclusive C14N REC; and XPathFilter2 CR (fwd)

Of note to the issues raised regarding signature use in SAML, Exclusive
C14N is now a W3C REC, and the easiest Transform to use that doesn't
require a SAML schema change to permit ID attributes is now a Committee
REC.

-- Scott

-----Original Message-----
From: Christian Geuer-Pollmann
[mailto:geuer-pollmann@nue.et-inf.uni-siegen.de] 
Sent: Thursday, July 18, 2002 11:27 AM
To: security-dev@xml.apache.org
Subject: New specs: Exclusive C14N REC; and XPath Filter2 CR (fwd)


Hi all,

FYI,

Christian

---------- Forwarded Message ----------
Date: Donnerstag, 18. Juli 2002 11:21 -0400
From: Joseph Reagle <reagle@w3.org>
To: "XML Signature (W3C/IETF)" <w3c-ietf-xmldsig@w3.org>
Subject: New specs: Exclusive C14N REC; and XPath Filter2 CR


Congratulations and thanks to everyone that has contributed to these
specifications! Next steps? See if we can get one more interop report on
the XPath Filter2, publish it as a Proposed Recommendation in August,
and a Recommendation soon afterwards.

http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/
   Canonical XML [XML-C14N] specifies a standard serialization of XML
   that, when applied to a subdocument, includes the subdocument's
   ancestor context including all of the namespace declarations and
   attributes in the "xml:" namespace. However, some applications
require
   a method which, to the extent practical, excludes ancestor context
from
   a canonicalized subdocument. For example, one might require a digital
   signature over an XML payload (subdocument) in an XML message that
will
   not break when that subdocument is removed from its original message
   and/or inserted into a different context. This requirement is
satisfied
   by Exclusive XML Canonicalization.

http://www.w3.org/TR/2002/CR-xmldsig-filter2-20020718/
   XML Signature [XML-DSig] recommends a standard means for specifying
   information content to be digitally signed and for representing the
   resulting digital signatures in XML. Some applications require the
   ability to specify a subset of a given XML document as the
information
   content to be signed. The XML Signature specification meets this
   requirement with the XPath transform. However, this transform can be
   difficult to implement efficiently with existing technologies. This
   specification defines a new XML Signature transform to facilitate the
   development of efficient document subsetting implementations that
   interoperate under similar performance profiles.


-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/


---------- End Forwarded Message ----------

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC