Roadmap

From XML Security WG Wiki


This Roadmap reflects the WG's current plans for work to meet its charter. The plan is subject to change at any time by the WG. The status of documents being produced by the WG is provided on the PublicationStatus page.


XML Security 1.1 Release

The 1.1 Release is planned to have an updated WD publication during June/July 2009. This will be followed by a Last Call, tentatively in late summer/early fall 2009.

This release includes the following:

  • XML Signature 1.1
  • XML Encryption 1.1
  • XML Signature Properties
  • XML Security Algorithm Cross-Reference
  • XML Security Generic Hybrid Ciphers

(The Working Group has incorporated the XML Security Derived Keys specification material into the XML Encryption 1.1 specification, so the Derived Keys specification will not progress.)

The intent of this release is to provide a non-breaking additive update to the current XML Security specification that does the following:

  • Update the list of required/recommended/optional algorithms to add new algorithms based on SHA algorithms stronger than SHA-1.
  • Clarify that SHA algorithms stronger than SHA-1 should be used, given the pace at which attacks on SHA-1 are progressing.
  • Add elliptic curve algorithms based on a limited selection of curves to meet Suite B requirements and to provide an alternative to the RSA family.
  • Require DSAwithSHA1 only for signature verification, not for signature generation.
  • Add explicit support for OCSP information in KeyInfo in XML Signature 1.1.
  • Clarify various aspects of the specifications, update references, and recognize existing work developed since the original specification, including Exclusive Canonicalization and XPath Filter 2.0.
  • Provide an Algorithm Cross-Reference that summarizes the various algorithm URI identifiers used in XML Security and references the documents that define them, to avoid confusion and possible usage errors.

XML Security 2.0 Release

The focus of the XML Security 2.0 release is to achieve performance improvements to XML Signature and its use of XML Canonicalization, enable streaming processing, reduce the attack surface, and incorporate improvements from the 1.1 release.

The WG is attempting to do this with minimal impact on backward compatibility but may find it necessary to make breaking changes.

Changes may affect the transform and reference processing model, canonicalization, and other aspects.

The 2.0 Release will include:

  • Canonical XML Version 2.0
  • XML Signature Version 2.0
  • XML Security Use Cases and Requirements
  • XML Signature Transform Simplification: Requirements and Design

Additional XML Security Deliverables

The XML Security WG is also producing additional material that is useful for the XML Security environment, including a Best Practices document originally published in conjunction with XML Signature, Second Edition:

  • XML Security Best Practices

The XML Security WG may consider producing an RNG schema for its deliverables.

XML Security Maintenance

The WG is producing errata on existing specifications as needed, including:

  • XML Signature 1.0 Errata
  • XML Encryption 1.0 Errata
  • XML Signature Second Edition Errata
  • Errata of the Exclusive Canonicalization Version 1.0 Specification