This document describes the interoperability requirements over a features, operations, and requirements specified by the XML Signature Processing and Syntax specification as required by the charter and defined by IETF RFC2026:
4.1.2 Draft Standard A specification from which at least two independent and interoperable implementations from different code bases have been developed, and for which sufficient successful operational experience has been obtained, may be elevated to the "Draft Standard" level. For the purposes of this section, "interoperable" means to be functionally equivalent or interchangeable components of the system or process in which they are used.
Tests to satisfy this requirement should operate over the following (tenative) list of (mostly) MANDATORY operations of the July 11 Signature specification as captured in the 20000810 signature examples. The following information is the best assesment of the Chairs and does not necessarily represent the latest state of any given implementation. The following key applies: "Y"(implemented), "Y"(interoperable with others in the matrix), "N"(not implemented), ""(unkown).
Feature (yellow designates interoperable examples exchanged) | Key Word | IBM | Done360 | Baltimore | Microsoft | |
Operation: Reference
elements generation/validation (HTTP and digesting) |
MUST | Y | Y | Y | Y | |
Feature: Detached Signature | MUST | Y | Y | Y | Y* | |
Feature: Enveloped
Signature (requires: XPath selector that drops SignatureValue) |
MUST | Y | Y | Y | ||
Feature: Enveloping Signature | MUST | Y | Y | Y | Y | |
|
MUST | Y | Y | Y | Y | |
Operation: SignatureValue
generation/validation |
MUST | Y | Y | Y | Y | |
Requirement: Signing parts of a document | MUST | Y | Y | |||
|
MUST SHOULD |
Y Y |
Y Y |
Y Y |
||
Feature: KeyValue | MUST | Y | Y | Y | Y | |
Algorithm Type | Algorithm | Key Word | IBM | Done360 | Baltimore | Microsoft |
Digest | SHA1 | REQUIRED | Y | Y | Y | Y |
Encoding | Base64 | REQUIRED | Y | Y | Y | Y |
MAC | HMAC-SHA1 | REQUIRED | Y | Y | Y | Y |
Signature | DSAwithSHA1 (DSS) |
REQUIRED | Y | Y | Y | Y |
RSAwithSHA1 | RECOMMENDED | Y | Y | Y | Y | |
Canonicalization | minimal | RECOMMENDED | N | N | ||
Canonical XML (20000710) | REQUIRED | Y | Y | Y | Y |
* Interoperable for verification only.
Last revised by Reagle $Date: 2000/10/03 21:35:51 $
=======