[security-dev 00629]: New W3C XML Security Specifications
Sean Mullan
Sean.Mullan at Sun.COM
Fri Feb 27 19:14:39 UTC 2009
The W3C XML Security Working Group has just released 7 first public working
drafts of new XML Signature and Encryption specifications. If you use or are
interested in JSR 105 (Java XML Digital Signature API) or JSR 106 (Java XML
Encryption API), please try to review them and send any comments you have to the
XML Security working group. These drafts include revisions to XML Signature and
Encryption to support new algorithms, a new document proposing simplifications
to the XML Signature Transform model to enhance performance and security, and
several other new specifications.
Here is the announcement from the W3C Working Group chair:
The W3C XML Security Working Group [1] has published [2] First Public Working
Drafts related to XML Security and requests feedback on these documents. Comment
may be sent to the list public-xmlsec-comments at w3.org . If possible please
indicate the document in the subject line.
(1) XML Signature Syntax and Processing Version 1.1
http://www.w3.org/TR/2009/WD-xmldsig-core1-20090226/
(2) XML Encryption Syntax and Processing Version 1.1
http://www.w3.org/TR/2009/WD-xmlenc-core1-20090226/
(3) XML Signature Transform Simplification: Requirements and Design
http://www.w3.org/TR/2009/WD-xmldsig-simplify-20090226/
(4) XML Security Use Cases and Requirements
http://www.w3.org/TR/2009/WD-xmlsec-reqs-20090226/
(5) XML Security Derived Keys
http://www.w3.org/TR/2009/WD-xmlsec-derivedkeys-20090226/
(6) XML Signature Properties
http://www.w3.org/TR/2009/WD-xmldsig-properties-20090226/
(7) XML Security Algorithm Cross-Reference
http://www.w3.org/TR/2009/WD-xmlsec-algorithms-20090226/
The Working Group has also published an updated working draft of XML Signature
Best Practices:
(8) XML Signature Best Practices
http://www.w3.org/TR/2009/WD-xmldsig-bestpractices-20090226/
The Working Group would appreciate review of these documents, with special
attention to the algorithms listed in XML Signature 1.1 and XML Encryption 1.1,
the proposed 2.0 changes in the Transform Simplification document and Use Cases
and Requirements. Again, comment may be sent to the list
public-xmlsec-comments at w3.org .
Thank you
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
[1] http://www.w3.org/2008/xmlsec/
[2] http://www.w3.org/News/2009#item25
More information about the security-dev
mailing list