W3C

Testimonials for XML Signature Recommendation

These testimonials are in support of the W3C XML Signature Recommendation.


Baltimore has aggressively pushed the adoption of open standards and interoperability since its inception. XML is proving to be a critical enabling technology for the widespread adoption of digital security, and XML Signatures are a fundamental component of these security technologies. We are pleased to have played an active role in shaping the XML Signature standard, and look forward to deploying it as a core technology in our product offerings.

-- Merlin Hughes, Chief Technical Evangelist, Baltimore Technologies

Capslock is very pleased to see the XML-Signature Syntax become officially approved and we are honored to have participated in the successful process. XML-Signature allows interoperability and economical broad-scale deployment of digital signatures in applications involving business critical information, transactions and operational workflows. Now, demands set forth by the actual operational processes and information structures can efficiently be answered by the technology, for instance, by providing means for multiple signatures, as is often required in applications. Implemented in the Ubisecure Signature component, XML-Signature will be distributed as a standard part of solutions and products provided by Capslock and our Partners.

-- Charles Sederholm, CEO, Capslock, Inc.

IBM applauds the cooperative effort between the IETF and the W3C that led to the development XML Digital Signature. Open industry standards in the security area are a top priority for our customers as we advance the standardization program for Web services in 2002. XML Digital Signature is a critical foundational technology for the security work yet to come.

-- Robert S. Sutor, Director of e-business Standards Strategy, IBM

Lexign endorses the XML Signature specification and is pleased to see it approved as a W3C Recommendation. Lexign considers XML Signature to be an essential part of its Web solution architecture. XML Signature allows Lexign to extend the XML technology from the Forms, Workflow and Storage components of its Suite to its digital signature and security components, resulting in an open and extensible solution.

-- Tamir Orbach, CTO, Lexign

The release of XML Signatures as a W3C Recommendation represents an important stage in the development of secure XML Web services. By using XML D-Sig, developers now have a mechanism for ensuring the integrity of messages they send over unsecured networks. The W3C's current work on XML Encryption will soon enable confidentiality, too. Microsoft has been a strong supporter of these initiatives and is pleased to announce that XML Signatures are a feature of Visual Studio .NET and the .NET Framework.

-- Robert Wahbe, General Manager, XML Web services, Microsoft Corporation

Phaos Technology is excited to see the XML Signature 1.0 specification progress to W3C Recommendation status. XML-DSIG lays a solid foundation for XML security, upon which other important standards like XML Encryption and XML Key Management are being built. With the widespread use of XML in data communication, the crucial data integrity capabilities provided by XML-DSIG are highly welcome. As a leading provider of Java security software, Phaos is pleased to announce its support for these strong new specifications with the introduction of the Phaos XML Toolkit. As part of our continuing commitment to open security standards, the Phaos XML Toolkit allows Java developers to quickly and easily incorporate XML signatures and encryption into their applications across a wide range of platforms and environments.

-- Ari Kermaier, Senior Software Engineer, Phaos Technology Corp.

PureEdge Solutions is very pleased that XML Signature has become a W3C Recommendation. The collaborative and disciplined W3C process has brought together the industry's best, resulting in a specification that has the expressive power to handle the most demanding application scenarios that we have encountered since first applying digital signatues to XFDL in early 1998. We are honored to have participated in co-authoring this specification, we are privileged to have worked with the many dedicated professionals in the working group, and we look forward to incorporating a best-of-breed implementation of XML Signature into our XFDL-based Internet Commerce System product line.

-- John Boyer, Ph.D., Senior Product Architect, PureEdge Solutions Inc.

The W3C XML Signature recommendation is a basic building block for bringing trust and confidence to a wide range of new applications. The abilities of using multiple signatures in workflow applications or signing specific parts of structured documents will revolutionize the way on how we use digital signatures. Embedding a signature into a document brings us very close to the way we handle handwritten signatures today. We hope that donating our open-source XML Signature implementation to the XML Apache project will help to wide-spread this emerging and important technology and be a trigger for more academic research in the field of XML related security technologies.

-- Christian Geuer-Pollmann, Committer to the XML Apache Project, Institute for Data Communications Systems, University of Siegen

Strong security must be in place before the Internet promise of inexpensive and pervasive B2B integration can be realized. Compromise in the area of security has potentially serious legal, image and client relationship implications - prospects our customers are well aware of and concerned about. While numerous advances are occurring in the area of Internet B2B Integration, advances in security have lagged behind. XML payloads and Web Services architectures introduce additional security challenges. The W3C XML Signature specification ensures the integrity of information exchanged over the Internet in a standardized manner to ensure interoperability. Sterling Commerce supports XML Signature as vital in the protection of XML payloads in the next generation Web Services integration scenarios. Our STERLING:Integrator solution leverages XML Signature to provide both secure application and Web Services oriented B2B integration.

-- Brian Gibb, Director, Standards & Applied Technology, Sterling Commerce

Sun Microsystems strongly supports the publication of XML-Signature Syntax and processing as a W3C Recommendation. Through the Java Community Process, we are actively working with the Java(TM) Community to define a standard high-level Java API for generating and validating XML Signatures based on the W3C specification. We expect that the Java XML Signature APIs will be an important building block for creating secure web services.

-- Sean Mullan, Co-specification lead of JSR 105 (Java XML Digital Signature API), and Raghavan Srinivas, Software Engineer; Sun Microsystems

The advent of Web Services presents a need for a whole new type of security. This sits at a higher level than firewalls or SSL - because security applications for Web Services must be capable of "dipping into" the stream of data which is passing through the web ports and checking it against a list of security rules.The XML signature is an important technology both in itself and as a vital enabler for this new "intelligent" way of addressing security requirements.

-- Mark O'Neill, CTO at Web services security firm, Vordel

The XML Signature Recommendation is a break-through in Web security technology. With its unique capabilities such as covering multiple resources in one signature and being able to selectively include or exclude what parts of documents are signed, XML Signature exemplifies the incredible synergy of bringing XML and security together. HTML and XML created a revolution in the usability and capability of the Internet; now we are doing the same in the realm of security. XMLsec Inc. applauds the W3C for the fine leadership it has shown in the area of Web security including the latest initiatives in XML Encryption, XML Key Management Services, and secure SOAP. 'XML Security is security designed for the Web' and so XMLsec will continue to work with the W3C to ensure trust and confidence in the Web.

-- Ed Simon, President and CEO, XMLsec Inc.


La recommandation de XML Signature est un grand avancement en technologie de sécurité de Web. Avec ses capacités uniques telles que couvrir les ressources multiples dans une signature seule et pouvoir sélectivement inclure ou exclure quelles parties de documents sont signées, la XML Signature exemplifie la synergie incroyable de réunir XML et sécurité. Le HTML et le XML ont créé une révolution dans la accessibilité et la capacité de l'Internet; maintenant nous faisons la même chose dans la zone de la sécurité. XMLsec Inc. applaudit le W3C pour la conduite fine qu'il a montrée dans le domaine de la sécurité de Web comprenant les dernières initiatives dans le chiffrement de XML (XML Encryption), les services de gestion des clés de XML (XML Key Management Services), et le SOAP sûr. La sécurité de XML est sécurité dessinée pour le Web et ainsi XMLsec continuera à travailler avec le W3C pour assurer la confiance en Web.

-- Ed Simon, President and CEO, XMLsec Inc.


About the World Wide Web Consortium [W3C]

The W3C was created to lead the Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability. It is an international industry consortium jointly run by the MIT Laboratory for Computer Science (MIT LCS) in the USA, the National Institute for Research in Computer Science and Control (INRIA) in France and Keio University in Japan. Services provided by the Consortium include: a repository of information about the World Wide Web for developers and users, reference code implementations to embody and promote standards, and various prototype and sample applications to demonstrate use of new technology. To date, over 500 organizations are Members of the Consortium.

For more information about the World Wide Web Consortium, see http://www.w3.org/