Re: Upgraded JSON Signature System from Frederick.Hirsch@nokia.com on 2013-12-31 (public-xmlsec@w3.org from December 2013)

From: <Frederick.Hirsch@nokia.com>
Date: Tue, 31 Dec 2013 21:47:19 +0000
To: <anders.rundgren.net@gmail.com>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <7C3CE9F3-A911-4632-B81D-5DF41FDB0A1A@nokia.com>

Anders

You might wish to reference XML Signature 1.1 - there have been two W3C Recommendations published  since the version you reference (2nd Edition and 1.1) and the updates include algorithm additions, clarifications, updates related to attacks etc. 

Changes in 1.1  are summarized here: http://www.w3.org/TR/2013/NOTE-xmldsig-core1-explain-20130411/

Changes in 2nd edition are summarized here: http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/explain.html

RFC 6931 https://datatracker.ietf.org/doc/rfc6931/ and XML Security Algorithm Cross Reference http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130411/ may also be useful to you.

The appropriate XML Signature 1.1  reference is

XMLDSIG-CORE1]
D. Eastlake; J. Reagle; D. Solo; F. Hirsch; T. Roessler; K. Yiu. XML Signature Syntax and Processing Version 1.1. 11 April 2013. W3C Recommendation. URL: http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/

regards, Frederick

Frederick Hirsch
Nokia

On Dec 20, 2013, at 10:58 PM, ext Anders Rundgren wrote:

> https://openkeystore.googlecode.com/svn/resources/trunk/docs/jcs.html
> http://webpki.org/downloads/secure-json-4-android-v1.00.zip
> 
> New and complete spec. in HTML5.
> 
> Anders
>

Received on Tuesday, 31 December 2013 21:50:42 UTC