W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 1999

Chair Request: Final Comments Submissions to RD

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Fri, 11 Jun 1999 12:21:31 -0400
Message-Id: <3.0.5.32.19990611122131.0094e120@localhost>
To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
The deadline for the first round of Requirements submissions has closed. [1]
The second round will close on the 18th at which point I will prepare it for
publication as a W3C NOTE and ietf-draft. Feel free to send the list any
additions/oppositions to that which is present. [2]

[1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/1999AprJun/0004.html
[2] http://www.w3.org/Signature/Drafts/xml-dsig-requirements-990601.html

          
1. Introduction

   The XML 1.0 Recommendation [[33]XML] describes the syntax of a class
   of data objects called XML documents. The mission of this working
   group is to develop an XML compliant syntax used for representing
   signatures on Web resources and portions of protocol messages
   (anything referencable by a URI) and procedures for computing and
   verifying such signatures. Such signatures will be able to provide
   data integrity, authentication, and/or non-repudiatability
   
2. Design Principles and Scope

    1. The specification for XML-DSig shall describe how to digitally
       sign an XML document. [Charter]
    2. The meaning of the signature is very simple:  The XML signature
       syntax associates the cryptographic signature value with Web
       resources using XML markup. The meaning of the signature may be
       extensible by a set of semantics specified separately. [Charter]
    3. An XML-Signature can apply to parts of XML documents. [Charter]
       The solution shall enable authentication of part or totality of an
       XML document.   [Brown]
    4. More than one signature may exist over any resource. [Charter] The
       solution shall provide for extended signature functionality such
       as co-signature, endorsement, plurality of recipients, etc.
       [Brown]
    5. The specification will not specify methods of serialization or
       canonicalization. XML content is normalized by specifying and
       appropriate content C14N algorithm [[34]DOMHASH, [35]C14N];
       applications are expected to normalize application specific
       semantics prior to handing data to a XML-DSig application.
       [Charter]
       
3. Requirements

Signature Data Model and Syntax

    1. XML-Signature will use the RDF data model [RDF] but need not use
       the RDF serialization syntax. [Charter]
    2. XML-Signature referants are URIs.  [Reagle]
    3. Whenever possible, any resource or algorithm identifier is a URI.
       [Reagle]
    4. The solution shall enable authentication of internal and external
       resources by use of the Manifest. [Brown]
       
Format

    1. An XML-Signature is XML. [Charter]
    2. The solution shall provide a mechanism that eases the production
       of composite documents that consist of the combination by addition
       or deletion of authenticated blocks of information, while
       preserving verifiability of the origin and authenticity of these
       blocks of information. [Brown]
       
Cryptography

    1. The solution shall provide indifferently for digital signature and
       message authentication codes, considering symmetric and asymmetric
       authentication schemes as well as dynamic negotiation of keying
       material. [Brown]
       
Processing

    1. In the event of redundant attributes within the XML Signature
       syntax and relevant cryptographic blobs, XML Signature
       applications prefer the XML Signature semantics. [Reagle]
       
   
   
   
   
_________________________________________________________
Joseph Reagle Jr.   
Policy Analyst      mailto:reagle@w3.org
XML-DSig Co-Chair   http://w3.org/People/Reagle/
Received on Friday, 11 June 1999 12:21:30 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:06 GMT