Two Security First Drafts Published: XML Signature Syntax and Processing Version 2.0; Canonical XML Version 2.0

The XML Security Working Group has published two First Public Working Drafts: XML Signature Syntax and Processing Version 2.0 and Canonical XML Version 2.0. The former provides integrity, message authentication, and/or signer authentication services for data of any type, whether located within the XML that includes the signature or elsewhere. XML Signature 2.0 includes a new transform model designed to address requirements including performance, simplicity and streamability. This model is significantly different than in XML Signature 1.x (see Section 10: "Differences from 1.x version"). XML Signature 2.0 is designed to be backward compatible, however, enabling the XML Signature 1.x model to be used where necessary. Canonical XML Version 2.0 is a major rewrite of Canonical XML Version 1.1 to address issues around performance, streaming, hardware implementation, robustness, minimizing attack surface, determining what is signed and more. It also incorporates an update to Exclusive Canonicalization, effectively a 2.0 version, as well. Learn more about the W3C Security Activity.