The Group is part of the Security Activity. It takes up prior W3C Work on XML Signature and XML Encryption, as well as work from the XML Security Specifications Maintenance Working Group, that produced XML Signature, Second Edition.
2010-02-04: The XML Security Working Group published two Last Call Working Drafts:
The group welcomes Last Call comments through 18 March. The group also published several other drafts today: XML Security 1.1 Requirements and Design Considerations, XML Security RELAX NG Schemas, XML Security 2.0 Requirements and Design Considerations, XML Signature Transform Simplification: Requirements and Design, and XML Signature Best Practices. Learn more about XML Technology.
2009-10-22: The XML Security Working Group has published two First Public Working Drafts: XML Signature Syntax and Processing Version 2.0 and Canonical XML Version 2.0. The former provides integrity, message authentication, and/or signer authentication services for data of any type, whether located within the XML that includes the signature or elsewhere. XML Signature 2.0 includes a new transform model designed to address requirements including performance, simplicity and streamability. This model is significantly different than in XML Signature 1.x, see Section 10, Differences from 1.x version. XML Signature 2.0 is designed to be backward compatible, however, enabling the XML Signature 1.x model to be used where necessary. Canonical XML Version 2.0 is a major rewrite of Canonical XML Version 1.1 to address issues around performance, streaming, hardware implementation, robustness, minimizing attack surface, determining what is signed and more. It also incorporates an update to Exclusive Canonicalization, effectively a 2.0 version, as well. (Permalink to news announcement)
2009-07-31: The XML Security Working Group published six documents related to XML signature and encryption. (Permalink to news announcement)
2009-04-30: The Web Applications Working Group has published the Last Call Working Draft of Widgets 1.0: Digital Signatures. This document defines a profile of the XML Signature Syntax and Processing 1.1 specification to allow a widget package to be digitally signed. Widget authors and distributors can digitally sign widgets as a mechanism to ensure continuity of authorship and distributorship. A user agent can use the digital signature to verify the integrity of the widget package and to confirm the signing key(s). Comments are welcome through 01 June. The Working Group also published an updated Working Draft of Widgets 1.0: Requirements. Learn more about the Rich Web Client Activity. (Permalink to W3 news announcement.)
2009-04-30: The XML Security Working Group has published a Working Draft of XML Signature Properties. This document outlines proposed standard XML Signature Properties syntax and processing rules and an associated namespace for these properties. The intent is these can be composed with any version of XML Signature using the XML SignatureProperties element. Learn more about the Security Activity. (Permalink to W3C news announcement)
2009-02-26: The XML Security Working Group has published a set of eight Working Drafts. The XML Signature 1.1 and XML Encryption 1.1 First Public Working Drafts make changes to the default sets of cryptographic algorithms in both specifications. XML Security Use Cases and Requirements and XML Signature Transform Simplification: Requirements and Design are documents that we expect to help guide the group's work on a future version of the XML Security specifications that might make more radical changes than the 1.1 series of these specifications. The Working Group would like to receive early feedback on these four drafts.
Additionally, the XML Security Derived Keys specification introduces mark-up for key derivation, for use with both XML Signature and XML Encryption. XML Signature Properties defines commonly used signature properties. XML Security Algorithms is a cross-reference for the algorithms and their identifiers used with the XML security specifications, bringing in one place information located in a number of documents. XML Signature Best Practices is a revised Working Draft for Best Practices in using the XML Signature specification. (Permalink)
These Working Drafts are currently open for public comment - to send external comments to the Working Group, please use the mailing list public-xmlsec-comments @ w3.org.
2009-11-18 First Public Working Draft of Best Practices for XML Signature published.
Current drafts are available from the Publication Status page. Please send comments related to these documents to public-xmlsec-comments@w3.org. There is a public archive of comments received.
If you would like to appear in this list, send an announcement to the XML Security public mailing list.
Copyright 2007-2008 W3C (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply. Your interactions with this site are in accordance with our public and Member privacy statements.