[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [wss] WSS-XCBF proposed submission
Please note that Monica Martin has recently posted this proposed input document to the list following reports at the Baltimore F2F that some list members did not receive an earlier posting November 25. This document is to be balloted for acceptance as a proposed submission to the WSS work. It's also available on Cover Pages at http://xml.coverpages.org/xmlPapers200211.html#GriffinXCBF-WSS . The proposed token carries as content the biometric information values that are defined in the proposed OASIS XML Common Biometric Format (XCBF) specification which can be found on the XCBF site at http://www.oasis-open.org/committees/xcbf/#documents . XCBF provides a common XML representation for biometric information values required by the NISTR 6529 Common Biometric Exchange File Format (CBEFF) framework, as specified in two US national standards, ANSI/NCITS 358 BioAPI Biometric Information Record (BIR) and ANSI X9.84 Biometric Information Management and Security. Due to liaison efforts, the XCBF schema is the same as that defined in X9.84. NOTE: CBEFF is soon to be proposed as a US national standard. BioAPI is soon to be submitted as an international standard in ISO/IEC JTC1 SC37 Biometrics. X9.84 is to be submitted as a NWI proposal to the ISO TC68 Financial Services security group next month. And XCBF may shortly be transposed for fast track into SG17 in ITU-T through a liaison with OASIS. XCBF uses a schema that allows its values to be represented in a compact binary format or as XML markup. All of these biometric values can be enhanced using digital signatures, MACs, HMACs, symmetric and asymmetric encryption. In this regard these objects are in some way similar to binary objects such as X.509 certificates (which use the same schema definition language as XCBF), and XML objects that are not based on XML schema, but on the schema used in XCBF and X9.84. Cryptographic enhancement processing is identical regardless of whether the XML or binary format is being used. The binary format is that used today for secure email in the IETF S/MIME standard, that defines Cryptographic Message Syntax (CMS). S/MIME of course is a derivative of the familiar RSA PKCS #7 standard. A major difference between S/MIME CMS and that used in XCBF is the definition in XCBF of an XML format and cryptographic processing of XML representations of CMS messages. This proposed XCBF security token format will enable the creation of secure biometric web services and the possibility of using biometrics for user authentication in WSS. So, I hope that you'll vote to accept the WSS-XCBF submission. Phil Griffin
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC