Copyright © 1999 The Internet Society & W3C (MIT, INRIA, Keio), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply.
This is a very immature WG XML Signature Scenarios WG draft. At some point, a future version may be advanced as W3C Note/IETF Informational RFC. It is based on the submissions of the contributors as well as examples from Brown's IETF draft [Brown].
Please send comments to the editor <jboyer@uwi.com> and cc: the list <w3c-ietf-xmldsig@w3.org>. Publication as a Working Draft does not imply endorsement by the W3C membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite W3C Drafts as other than "work in progress".A list of current W3C working drafts can be found at http://www.w3.org/TR. Publication as a Working Draft does not imply endorsement by the W3C membership.
This document provides scenarios that exemplify specific signature problems that should be addressed by the XML Digital Signature specification.
The XML 1.0 Recommendation [XML] describes the syntax of a class of data objects called XML documents. The mission of the XML DSig working group is to develop a XML syntax used for representing signatures on digital content and procedures for computing and verifying such signatures. Signatures will provide data integrity, authentication, and/or non-repudiatability.
The purpose of this document is to help inform the specification of XML signatures by providing specific examples of signature problems that should be considered and, whenever possible, solved by the XML Signature specification.
Each example consists of a textual description of the problem and XML markup demonstrating how to express the signature. Example markup presently use the syntax described in the Brown (990618) draft, but will changed to test/apply the syntax developed by the WG. Regardless, examples may leave out portions of the signature element (for example, Certificates, OriginatorInfo) if they have no bearing on the example.
The problem is to digitally sign an arbitrary piece of information.
The piece of information is not associated with any XML document type in particular, so the default dsig:Document element is used as the root element.
It is assumed that the application has obtained the piece of information and placed it into the package element prior to performing signature generation. It is also assumed that the digital fingerprint (hash) of the package element will be computed using the algorithm given in the Digest Algorithm element of the Manifest Resource that identifies the package. It is assumed that the application will place the computed hash into the Digest Value using the given encoding method prior to the generation of the digital signature.
QUESTIONS:
<?xml version='1.0'?> <!DOCTYPE dsig:Document PUBLIC 'urn:ietf-org:xmldsig.dtd' SYSTEM 'http://www.dtd.reg.int/dtd/xmldsig.dtd'> <dsig:Document>
<dsig:DigestAlgorithms>
<dsig:Package id='data' dsig:eval='xhash'>
<dsig:Signatures>
<dsig:Manifest>
<dsig:Resources>
<dsig:Attributes>
<dsig:OriginatorInfo>
<dsig:SignatureAlgorithm>
</dsig:Manifest>
<dsig:Value>xsqsfasDys2h44u4ehJDe54he5j4dJYTJ=</dsig:Value>
</dsig:Signature>
<dsig:Certificates>
<dsig:Certificate type='urn:X500:X509v3'>
<dsig:Certificate type='urn:X500:X509v3'>
</dsig:Certificates>
</dsig:Document> |
Brian A. LaMacchia, Microsoft Corp. bal@microsoft.com
IMPP messages have the property that their
human-readable content is typically quite short, so signature-block size
has a distinct impact on the overall bandwidth used by an IM
system. Furthermore, IM messages,
being instant, tend not to be persisted in stable storage, so
an IM messages will not a priori have a meaningful
URL. What we need, therefore,
is a way to wrap an XML-DSIG signature around a small XML-IMPP
node. For example, heres
a sample IMPP message from one user (impp://microsoft.com/bal)
asking to be notified whenever the status of another user
(impp://citibank.com/dsolo) changes
If we wanted to sign this message, ideally wed be able to just wrap
the IMPP message within a sigblock directly, instead of incorporating it
into a sigblock by reference. That
is, Id like to be able to say something as simple as this:
The subject of the signature (the thing being signed) is the XML node immediately
preceding the open tag of the <signature>
element. (Notice that were we
to do this using a manifest, the manifest itself would be about as large
as the IMPP message!) The
IMPP message is completely self-describing, and the receiving server could
choose to accept/reject the subscription request based on the public key
used to sign the request.
Obviously you could do the same sort of thing with the instant messages
themselves:
</sigblock>
(like IMPP, but typically more complex
messages. Need to pull some
examples from RFC2518).
(again, like IMPP.
Method/Procedure calls w/ arguments.)
...
Example 1: An XML-based IMPP protocol
<?namespace name="impp:" as="impp">
<impp:impp>
<impp:subscribe>
<impp:subject>impp://citibank.com/dsolo</impp:subject>
<impp:property>status</impp:property>
<impp:event-type>change</impp:event-type>
<impp:subscriber-id>impp://microsoft.com/bal</impp:subscriber-id>
</impp:subscribe>
</impp:impp>
<sigblock>
<impp:impp>
<impp:subscribe>
<impp:subject>impp://citibank.com/dsolo</impp:subject>
<impp:property>status</impp:property>
<impp:event-type>change</impp:event-type>
<impp:subscriber-id>impp://microsoft.com/bal</impp:subscriber-id>
</impp:subscribe>
</impp:impp>
<signature id="">
<keyInfo sigAlg="RSA/SHA1" keyinfotype="???">KeyInfoValue</keyInfo>
<sigValue value=some-base64-encoded-string/>
</signature>
</sigblock>
<sigblock>
<impp:impp>
<impp:message>
<impp:subject>impp://citibank.com/dsolo</impp:subject>
<impp:subscriber-id>impp://microsoft.com/bal</impp:subscriber-id>
<impp:message-content>
Hey Dave, want to get some <b>food</b>?
</impp:message-content>
</impp:subscribe>
</impp:impp>
<signature id="">
<keyInfo sigAlg="RSA/SHA1" keyinfotype="???">KeyInfoValue</keyInfo>
<sigValue value=some-base64-encoded-string/>
</signature>
Example 2: WebDAV
Example 3: SOAP
Deduced Requirements
3. Three
4. Four
5. Five