XML Security Working Group - Publications

Recommendations

1 translation for Decryption Transform for XML Signature
français

This document specifies an XML Signature "decryption transform" that enables XML Signature applications to distinguish between those XML Encryption structures that were encrypted before signing (and must not be decrypted) and those that were encrypted after signing (and must be decrypted) for the signature to validate.

1 translation for XML-Signature XPath Filter 2.0
español

XML Signature [XML-DSig] recommends a standard means for specifying information content to be digitally signed and for representing the resulting digital signatures in XML. Some applications require the ability to specify a subset of a given XML document as the information content to be signed. The XML Signature specification meets this requirement with the XPath transform. However, this transform can be difficult to implement efficiently with existing technologies. This specification defines a new XML Signature transform to facilitate the development of efficient document subsetting implementations that interoperate under similar performance profiles.

1 translation for Exclusive XML Canonicalization Version 1.0
français

Canonical XML [XML-C14N] specifies a standard serialization of XML that, when applied to a subdocument, includes the subdocument's ancestor context including all of the namespace declarations and attributes in the "xml:" namespace. However, some applications require a method which, to the extent practical, excludes ancestor context from a canonicalized subdocument. For example, one might require a digital signature over an XML payload (subdocument) in an XML message that will not break when that subdocument is removed from its original message and/or inserted into a different context. This requirement is satisfied by Exclusive XML Canonicalization.

Any XML document is part of a set of XML documents that are logically equivalent within an application context, but which vary in physical representation based on syntactic changes permitted by XML 1.0 [XML] and Namespaces in XML [Names]. This specification describes a method for generating a physical representation, the canonical form, of an XML document that accounts for the permissible changes. Except for limitations regarding a few unusual cases, if two documents have the same canonical form, then the two documents are logically equivalent within the given application context. Note that two documents may have differing canonical forms yet still be equivalent in a given context based on application-specific equivalence rules for which no generalized XML specification could account.

Notes

XML Signature 2.0 evolves the transform model of XML Signature to enable easier and more efficient implementations of the specification.

This document outlines test cases for Canonical XML 2.0, a major revision of XML canonicalization. It currently includes tests from Canonical XML 1.0 and new tests related to XML namespace handling.

Canonicalization 2.0 dovetails with the XML Signature 2.0 specification, and provides an XML canonicalization mechanism that is optimized for the needs of that specification.

This document provides a summary of non-editorial changes in XML Encryption 1.1 from the XML Encryption Recommendation.

This document provides a summary of non-editorial changes in XML Signature 1.1 from the XML Signature Second Edition Recommendation.

This document specifies how the XML Signature 2.0 transform model may be used with XML Encryption 1.1 for CipherReference processing.

This document outlines use cases, requirements and design choices for XML Security 2.0, specifically Canonical XML 2.0 and XML Signature 2.0. It includes a proposed simplification of the XML Signature Transform mechanism, intended to enhance security, performance, streamability and to ease adoption.

Generic hybrid ciphers allow for a consistent treatment of asymmetric ciphers when encrypting data and consist of a key encapsulation algorithm with associated parameters and a data encapsulation algorithm with associated parameters. This document augments XML Encryption Version 1.1 by defining algorithms, XML types and elements necessary to enable use of generic hybrid ciphers in XML Security applications.

This document serves to publish RELAX NG schemas for XML Security specifications, including XML Signature 1.1, and XML Signature Properties.

This document defines a streamable profile of XPath 1.0 suitable for use with XML Signature 2.0.

This document is the interop report for new features introduced in XML Encryption 1.1. It does not replicate interop testing performed for features retained from XML Encryption 1.0.

This document is the interop report for new features introduced in XML Signature 1.1. It includes the test cases and test results for these new features. It does not replicate interop testing performed for features retained from XML Signature 1.0.

This document defines interoperability test cases for Canonical XML 1.1 [XML-C14N1.1] and XML Signature Syntax and Processing, Second Edition [XMLDSIG2]. The changes tested include C14N11 handling of attributes in the XML namespace, including xml:id and xml:base, appropriate C14N11 nodeset to octet stream transform processing, modifications to RFC 3986 dot segment processing for C14N11, and RFC 4514 string encoding of Distinguished Names. The tests include standalone C14N11 tests as well as tests integrated with XML signature generation and validation. This document also includes earlier test cases used in XML Signature [XMLDSIG] for regression testing.

This document lists the design principles, scope, and requirements for XML Encryption. It includes requirements as they relate to the encryption syntax, data model, format, cryptographic processing, and external requirements and coordination.

Retired specifications