Author
Frederick Hirsch
<frederick.hirsch@nokia.com>
Thomas Roessler
<tlr@w3.org>
Date
$Date: 2009/06/22
14:42:23 $
This document
summarizes the changes that the XML Security Working Group has made to the XML
Signature Syntax and Processing Specification Second Edition in preparing a
proposed 1.1.
General Changes
Removed DTD snippets and all references to a DTD.
Updated to Version 1.1, updated date and version links. Updated
editor information to add Kelvin Yiu as editor, updated entries for Frederick
Hirsch and Thomas Roesssler to include 1.1 editing.
Update MIT address from lcs to csail.
Changed title of Section 3.1 to "Signature Generation"
Include 3.1.1, 3.1.2, Reference Generation, Signature Generation
Include 3.2.1, 3.2.2, Reference Validation, Signature Validation
Include 4.1, "CryptoBinary Simple Type"
Added new section, 4.4.3, "The ECKeyValue Element"
Add subsections to 6.2 for SHA-1, SHA-256, SHA-384, SHA-512
Add subsections to 6.3 for HMAC
Add subsections to 6.4 for DSA, RSA (PKCS1), ECDSA
Added new section, 6.5.3, "Exclusive XML Canonicalization
1.0"
Removed "Authors' Address" section
1.3
Versions, Namespaces and Identifiers
Add new namespace for 1.1 specific features, while retaining
earlier namespace for unchanged features. Clarification of use of namespace
prefixes and XML internal entities. Clarification regarding versioning.
Affiliation update for Konrad Lanz. Add statement acknowledging
contributions from the XML Security WG to 1.1.
Example updated to use rsa-sha256 SignatureMethod algorithm and
sha256 DigestMethod algorithm.
Example updated to use sha256 DigestMethod algorithm.
Example updated to use sha256 DigestMethod algorithm.
Example updated to use sha256 DigestMethod algorithm.
Added note indicating need for canonicalization as part of Reference
Validation since changes could occur in serialization after Signature
generation.
Added preamble for dsig11 namespace, including DOCTYPE and schema
material.
4.3.3.2
The Reference Processing Model
Added XPath Filter 2 Transform as alternative to URI fragment
identifiers, in addition to XPath Transform.
Editorial, replace &dsig; with dsig:.
Add new KeyInfo Type URIs for new child elements.
Change RSA from RECOMMENDED to REQUIRED in note that the
corresponding structured keys are defined in the Signature Algorithms section.
Add ECDSA as REQUIRED in list.
4.4.2.3
The ECKeyValue Element
New section
Define ECKeyValue element. Include editorial note that working
group has considered but not accepted an alternative design and may change
decision if additional information is obtained.
4.4.2.3.1
Explicit Curve Parameters
New section
Define ECParameters element.
Inserted reference to SEC-1 2.0 for verifiably random curves.
4.4.2.3.2
Compatibility with RFC 4050
New section
Profile RFC 4050 with respect to ECDSA key formats.
4.4.3
The RetrievalMethod Element
Add note to describe the need to use a Transform to obtain content
of KeyInfo referenced by ID.
Add dsig11:OCSPResponse element to list of elements that may be
included.
Add RECOMMENDED certificate encoding to be BER or DER subset.
Add note regarding use of X509IssuerSerial and possible issue with
schema validation when large serial numbers are used.
4.4.4.1
Distinguished Name Encoding Rules
Add OCSPResponse element to schema definition for X509Data, with
comment noting it should be in dsig11: namespace.
4.4.8
The DEREncodedKeyValue Element
New section
Add a KeyInfo representation for DER-Encoded Subject Public Key
Info representation of public keys.
6.1
Algorithm Identifiers and Implementation Requirements
Added note that the working group does not have consensus on
manditory algorithms and note some of the positions regarding the choice.
Reformat the list of algorithms into separate Required and
Optional lists, for clarity.
Add SHA256 as required Digest algorithm.
Add SHA384 and SHA512 as optional Digest algorithms.
Add HMAC-SHA256 as Recommended MAC algorithm.
Add HMAC-SHA384 and HMAC-SHA512 as optional MAC algorithms.
Add RSAwithSHA256 as required Signature algorithm.
Add ECDSAwithSHA256 as required Signature algorithm.
Change so that DSAwithSHA1 is only required as Signature algorithm
for Signature verification, but is optional for Signature generation.
Previously it was Required for both.
Add RSAwithSHA384,RSAwithSHA512, ECDSAwithSHA1, ECDSAwithSHA384,
ECDSAwithSHA512 as optional Signature algorithms.
Add Exclusive XML Canonicalization 1.0 with Comments as
recommended canonicalization algorithm.
Add XPath Filter 2.0 as Recommended transform algorithm.
Add recommendation to use least expressive transform possible to
achieve result.
Add note that implementation requirements for XPath transform may
be downgraded to optional in future version of specification.
Added text to SHA-1 to state that use is DISCOURAGED (but still
required).
Changed HMAC-SHA256 to REQUIRED
Added text to HMAC-SHA1 to state that use is DISCOURAGED
Changed HMAC-SHA384, HMAC-SHA512 to RECOMMENDED (from OPTIONAL).
Added text to indicate that use of RSA-SHA1 and ECDSA-SHA1 is
DISCOURAGED.
Add introduction noting possible concerns with digest algorithm
resistance to collisions and strongly recommending use of SHA-256 in preference
to SHA-1.
Added text to introduction explaining why use of SHA-1 is
discouraged.
Add identifier and information for SHA-256 digest algorithm.
Add identifier and information for SHA-384 digest algorithm.
Add identifier and information for SHA-512 digest algorithm.
Add identifiers for HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512
algorithms.
Add security considerations note regarding DSA key sizes.
Change section title from "PKCS1 (RSA-SHA1)" to
"RSA (PKCS#1 v1.5)".
Add identifiers for RSA-SHA256, RSA-SHA384, and RSA-SHA512
algorithms.
New section.
Identifiers and information for ECDSA algorithms, including ECDSA-SHA1,
ECDSA-SHA256, ECDSA-SHA384, and ECDSA-SHA512 algorithms.
6.5
Canonicalization Algorithms
Remove text regarding Normalization Form C.
Clarify inputs and outputs for algorithm.
Clarify inputs and outputs for algorithm.
6.5.3
Exclusive XML Canonicalization 1.0
New Section
Define identitifers, input and output and other information for
Exclusive XML Canonicalization 1.0.
Add text that implementation requirements are listed in the Algorithm
Identifier and Implementation Rquirements section.
Clarify inputs and outputs for algorithm.
Clarify inputs and outputs for algorithm.
6.6.4 Enveloped Signature Transform
Clarify inputs and outputs for algorithm.
Clarify inputs and outputs for algorithm.
7.0
XML Canonicalization and Syntax Constraint Considerations
Fix typo, replace "descendents" with
"descendants".
Fix typo, replace "Implementors" with
"Implementers".
9.0
Schema, DTD, Data Model, and Valid Examples
Change title of section to Schema and remove all material related
to DTD, RDF and examples. Note that examples replicated material elsewhere in
the specification.
Add XML Signature 1.1 Schema Instance to the list.
Add editors note that section needs update to split into normative
and non-normative references.
Add references to RCF 2560 (OCSP), RFC 3279 (PKIX), RFC 4050
(ECDSA for XML Digital Signatures) and RFC 4051 (Additional XML Security URIs).
Add references to SEC1 and SEC2 (Elliptic Curve Cryptography).
Add references to FIPS PUB 180-2 for SHA-256, SHA-384 and SHA-512.
Add reference to SP 800-57 for Key Management.
Add reference to RFC 3061 for URN namespace of Object Identifiers.
Add reference for XML Encryption.
Correct URIs associated with reference for XML Signature
Requirements
Added reference to recent work on SHA-1 analysis (to be changed once
paper appears on IACR.org).
Removed reference to SEC2 (not referenced)
Updated reference to SEC1 to 2.0 version.
Removed (temporary) reference to X9.62.
Updated Reference for FIPS-186-3 to reflect final publication.
Changed DSS reference to be the FIPS-186-3 reference.
**Split references into normative and informative. Updated the following references to reflect
final publication: DOM, PGP, RFC3279 “Algorithms and Identifiers for the
Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation
List (CRL) Profile”, SEC, SHA-1, SHA-256, SHA-384, SHA-512, SOAP, XHTML 1.0,
XMLDSIG-2002, XML-schema, XPath, XSL, URL, URN, XML-Japanese,
XML-MT, XML-Signature-RD,
and XSLT.
**Added web link for ABA, 1363, and X509v3.