ISSUE-38: Profile for signature processing for non-XML or for constrained XML requirements


State:
CLOSED
Product:
XML Security 1.1 Requirements and Design Considerations
Raised by:
Scott Cantor
Opened on:
2008-07-29
Description:
[bhill] I see some significant value potential in a mandatory C14N algorithm for "the simplest possible case" or close to it. Consider a raw-octets digest as done by Cantor et al.'s SimpleSign or some XrML licenses, where transmission is assumed to be point-to-point (at least between XML aware entities) but there is still a desire to have signature data carried by XML.

This sort of signature is widely deployed in application-specific implementation; it would be beneficial for all fully-featured XMLDSIG processors to have a *standard* way to inter-operate with systems only implementing such limited signature capabilities.
Related Actions Items:
No related actions
Related emails:
  1. 2009-03-31 Minutes for Approval (from edsimon@xmlsec.com on 2009-04-03)
  2. Agenda: Distributed Meeting 2009-03-31 (from frederick.hirsch@nokia.com on 2009-03-30)
  3. Agenda: Distributed Meeting 2009-03-24 v2 (resend) (from frederick.hirsch@nokia.com on 2009-03-23)
  4. Agenda: Distributed Meeting 2009-03-24 v2 (from Frederick.Hirsch@nokia.com on 2009-03-23)
  5. Agenda: Distributed Meeting 2009-03-24 (resend) (from Frederick.Hirsch@nokia.com on 2009-03-22)
  6. Agenda: Distributed Meeting 2009-03-24 (from Frederick.Hirsch@nokia.com on 2009-03-22)
  7. Agenda: Distributed Meeting 2009-03-17 (resend) (from frederick.hirsch@nokia.com on 2009-03-11)
  8. Agenda: Distributed meeting 2009-03-17 (from Frederick.Hirsch@nokia.com on 2009-03-11)
  9. Requirements as Issues (XML Signature and Canonicalization V Next Requirements) (from gerald.edgar@boeing.com on 2009-03-09)
  10. Re: 9 december minutes update (from frederick.hirsch@nokia.com on 2008-12-16)
  11. Agenda: Distributed meeting 2008-12-09 (from frederick.hirsch@nokia.com on 2008-12-05)
  12. Action: A need to address requirements listed as Issues (from gerald.edgar@boeing.com on 2008-09-22)
  13. Meeting record: 2008-07-29 (from tlr@w3.org on 2008-08-12)
  14. Draft minutes for Jul 29 meeting (from cantor.2@osu.edu on 2008-07-31)

Related notes:

[bhill] Such a C14N profile would likely only be supported for a constrained set of transforms and reference types. Perhaps for enveloping only, or enveloping and detached with a full URI reference. XPath, XPointer references would be disallowed, as well as additional C14N transforms, XSLT, etc. except perhaps Base64?

Bradley Hill, 30 Jul 2008, 01:33:31

Would be necessary to disallow raw-octet C14N if used with other than enveloping or detached signatures employing full URI references. (no XPath or XPointer) Also disallow all other transforms other than Base64. Is this a breaking change with current spec? (all algorithms, transforms, etc. are assumed to be able to be combined in any manner today)

Bradley Hill, 30 Jul 2008, 01:37:13
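
The restrictions proposed in the two notes above can be expressed as a pre-verification check on a `ds:Signature`. This is an added example, not part of the tracker record or of any XMLDSIG specification. Assumptions: the raw-octets algorithm is named in `CanonicalizationMethod`, its identifier is a placeholder (the page gives none), "full URI reference" means an absolute URI without a fragment, and the sample signatures are constructed and abbreviated.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

DS = "http://www.w3.org/2000/09/xmldsig#"
BASE64 = DS + "base64"                                   # XMLDSIG Base64 transform
XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116"   # XMLDSIG XPath transform
# Placeholder: the page names no identifier for the raw-octets C14N algorithm.
RAW_OCTETS_C14N = "urn:example:placeholder:raw-octets-c14n"

def profile_violations(signature_xml):
    """List the ways a raw-octets signature breaks the constrained profile.
    Signatures using any other C14N algorithm are out of scope and return []."""
    sig = ET.fromstring(signature_xml)
    c14n = sig.find(f"{{{DS}}}SignedInfo/{{{DS}}}CanonicalizationMethod")
    if c14n is None or c14n.get("Algorithm") != RAW_OCTETS_C14N:
        return []
    # Enveloping: the signed data sits in a ds:Object child of the Signature.
    object_ids = {o.get("Id") for o in sig.findall(f"{{{DS}}}Object") if o.get("Id")}
    problems = []
    for ref in sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference"):
        uri = ref.get("URI") or ""
        parts = urlsplit(uri)
        if uri.startswith("#"):
            # Only a bare Id of an enveloped ds:Object; this rejects #xpointer(...) too.
            if uri[1:] not in object_ids:
                problems.append(f"{uri}: not a reference to an enveloped ds:Object")
        elif not (parts.scheme and parts.netloc) or parts.fragment:
            problems.append(f"{uri!r}: detached reference must be a full URI, no fragment")
        for t in ref.findall(f"{{{DS}}}Transforms/{{{DS}}}Transform"):
            if t.get("Algorithm") != BASE64:
                problems.append(f"{uri}: transform {t.get('Algorithm')} not allowed")
    return problems

def _sig(refs, objects=""):
    # Constructed sample: SignatureMethod, DigestMethod and values are omitted.
    return (f'<Signature xmlns="{DS}"><SignedInfo>'
            f'<CanonicalizationMethod Algorithm="{RAW_OCTETS_C14N}"/>{refs}'
            f'</SignedInfo>{objects}</Signature>')

GOOD = _sig(f'<Reference URI="#payload"><Transforms><Transform Algorithm="{BASE64}"/>'
            '</Transforms></Reference><Reference URI="https://example.org/doc.bin"/>',
            '<Object Id="payload">aGVsbG8=</Object>')
BAD = _sig('<Reference URI="#xpointer(/)"/>'
           f'<Reference URI="https://example.org/a.xml"><Transforms>'
           f'<Transform Algorithm="{XPATH}"/></Transforms></Reference>'
           '<Reference URI="doc.bin"/>')

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, profile_violations(doc))
```
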
