[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] FW: New specs: Exclusive C14N REC; and XPathFilter2 CR (fwd)
Of note to the issues raised regarding signature use in SAML, Exclusive C14N is now a W3C REC, and the easiest Transform to use that doesn't require a SAML schema change to permit ID attributes is now a Committee REC. -- Scott -----Original Message----- From: Christian Geuer-Pollmann [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de] Sent: Thursday, July 18, 2002 11:27 AM To: security-dev@xml.apache.org Subject: New specs: Exclusive C14N REC; and XPath Filter2 CR (fwd) Hi all, FYI, Christian ---------- Forwarded Message ---------- Date: Donnerstag, 18. Juli 2002 11:21 -0400 From: Joseph Reagle <reagle@w3.org> To: "XML Signature (W3C/IETF)" <w3c-ietf-xmldsig@w3.org> Subject: New specs: Exclusive C14N REC; and XPath Filter2 CR Congratulations and thanks to everyone that has contributed to these specifications! Next steps? See if we can get one more interop report on the XPath Filter2, publish it as a Proposed Recommendation in August, and a Recommendation soon afterwards. http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/ Canonical XML [XML-C14N] specifies a standard serialization of XML that, when applied to a subdocument, includes the subdocument's ancestor context including all of the namespace declarations and attributes in the "xml:" namespace. However, some applications require a method which, to the extent practical, excludes ancestor context from a canonicalized subdocument. For example, one might require a digital signature over an XML payload (subdocument) in an XML message that will not break when that subdocument is removed from its original message and/or inserted into a different context. This requirement is satisfied by Exclusive XML Canonicalization. http://www.w3.org/TR/2002/CR-xmldsig-filter2-20020718/ XML Signature [XML-DSig] recommends a standard means for specifying information content to be digitally signed and for representing the resulting digital signatures in XML. Some applications require the ability to specify a subset of a given XML document as the information content to be signed. The XML Signature specification meets this requirement with the XPath transform. However, this transform can be difficult to implement efficiently with existing technologies. This specification defines a new XML Signature transform to facilitate the development of efficient document subsetting implementations that interoperate under similar performance profiles. -- Joseph Reagle Jr. http://www.w3.org/People/Reagle/ W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ W3C XML Encryption Chair http://www.w3.org/Encryption/2001/ ---------- End Forwarded Message ----------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC