Design I

Institutional Status and Milestones Table-of-Contents Design II

Principles and Scope

  1. The XML-Signature specification will describe how to a digitally sign a Web resource in general, and an XML document in particular. [Charter] The specification will not specify methods of providing confidentiality though the Working Group may report on the feasibility of such work in a future or rechartered activity. [List(Bugbee)]
  2. The meaning of the signature is very simple:  The XML signature syntax associates the cryptographic signature value with Web resources using XML markup.
    1. The WG is not chartered to specify trust semantics, but syntax and processing rules necessary for communicating signature validity (authenticity, integrity and non-repudiation).  [Charter(Requirement1)]
    2. The XML signature syntax must be highly extensible such that it can support arbitrary application/trust semantics and assertion capabilities -- that can also be signed. For example, potential trust applications include sophisticated timestamps, endorsement, and threshold signature schemes. At the Chairs' discretion and in order to test the extensibility the syntax, the WG may produce non-standard-track proposals defining common semantics relevant to signed assertions about Web resources and their relationships in a schema definition (XML/RDF) or link type definition (XLink). [Charter(Requirement1&4), List(Bugbee, Solo)]
    3. Validity and Identity
      1. Only enough information necessary to check the validity of the cryptographic signature need be provided. [Reagle]
      2. Each signature shall be associated with information to identify the signer and/or the cryptographic information required to validate the signature.   [List(Solo)]

Joseph Reagle, XML Signature Co-Chair

W3C Logo IETF Logo

5 of 11