This document summarizes the changes that the XML Security Specifications Maintenance Group has made to the XML Signature Syntax and Processing Specification in preparing a proposed second edition.
Updated to 2nd edition, updated status of the document section, added Frederick Hirsch and Thomas Roessler as editors.
Removed "-" from title, changing "XML-Signature" to "XML Signature"
Updated normative reference for SHA-1 to FIPS 180-2.
Example updated to use C14N 1.1; digest values removed to avoid impression that example could serve as a useful test case.
idem
Example updated to use C14N 1.1 by way of Transforms element; digest value removed; lines in example and references to them renumbered.
idem
Added material to RECOMMEND C14N 1.1 if inclusive canonicalization is desired, and explain its use through Transforms element.
Clarified specification language to match its intent; referring to XML Schema part 2, 2nd Edition for encoding rules.
Removed "MUST be able to parse URI syntax", as it is not a testable conformance requirement.
Clarified role of Type attribute per erratum E05.
Added a pointer to Section 3.1.1 to draw attention to handling of default canonicalization algorithms.
Defined same-document reference consistent with RFC 2396 to avoid conformance-affecting side effects from change of normative reference to RFC 3986.
Rephrased xpointer-related parts of reference processing model in terms of the XPointer Framework Recommendation; the model was phrased in terms of the failed 2001 XPointer Candidate Recommendation.
Defined REQUIRED xpointer() scheme xpointers explicitly, since the xpointer() scheme is not a Recommendation. (cf. XML Coordination Group discussion [member confidential].)
Added clarification of change in specification text.
Rephrased specification language in terms of the XPointer Framework Recommendation.
Transforms Element: Corrected document-internal link to section 6.6.
RetrievalMethod Element: Clarified role of Type attribute per erratum E05.
Added note on discrepancy between schema and DTD. While the DTD is correct (and the schema wrong), the group resolved to keep the schema intact.
X509Data Element: Updated normative reference from RFC 2253 to RFC 4514.
Clarified requirements on content of X509IssuerSerial and X509SubjectName elements.
Clarified conformance requirements in section 4.4.4.1.
Clarified additional encoding rules.
This change addresses erratum E01, but goes beyond the changes proposed there.
Object Element: Correction of example per E06.
Added Canonical XML 1.1 as Required, Canonical XML 1.1 with Comments as Recommended.
Update SHA-1 link to point to FIPS-180-2.
Editorial change per E07.
Editorial changes.
Discussion of C14N 1.1 vs C14N 1.0
Clarification of normal form output from canonicalization algorithms per E04.
Added note per E02 to point out existence of exclusive canonicalization, with editorial changes to cover C14N 1.1.
Renamed from "Canonical XML" to "Canonical XML 1.0"; corresponding change in body of section.
New section.
Change "barename" to "shortname" to use terminology from XPointer Framework Recommendation.
Change "barename" to "shortname" to use terminology from XPointer Framework Recommendation.
Add pointer to XPath Filter 2.0 Recommendation per E03.
Updates to implement changes outlined above.
Updated normative reference for SHA-1 to point to FIPS PUB 180-2 instead of FIPS PUB 180-1.
Updated normative reference for DSA to point to current version of FIPS PUB 186-2.