Date: Mon, 19 Apr 1999 13:02:06 +0900 From: TAMURA Kent <kent@trl.ibm.co.jp> To: xml-dev@ic.ac.uk Subject: Pre-release of IBM XML Security Suite
IBM XML Security Suite is available.
http://204.146.176.227/aw.nsf/html/XML_Security_Suite
NB: This URL is temporary.
The package contains the following:
Reference implementations of DOMHash [1], both for 100%-pure-DOM API and SAX API, and some utility classes for DOM.
Sample digital signature implementation based on Richard Brown's Internet Draft [2].
Parser Test Tool for testing your DOM or SAX implementation.
The package requires JDK 1.1 and Swing 1.1 and an XML parser. The sample dsig implementation requires JDK 1.2.
Please take a look and give us comments if any.
[1] http://www.ietf.org/internet-drafts/draft-hiroshi-dom-hash-01.txt
[2] http://www.ietf.org/internet-drafts/draft-brown-xml-dsig-00.txt
TAMURA, Kent @ Tokyo Research Laboratory, IBM Japan
Excerpts:
"The XML Security Suite provides security features such as digital signature,
element-wise encryption, and access control to Internet business-to-business
transactions. "
XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customer may have in doing Internet B2B messaging is security. Internet is a public network, and there has been no protection against attacks such as eavesdropping and forgery. If messages are stolen or modified during transmission, B2B messaging will be almost useless. Fortunately, the recent advancement of public-key cryptography has remedied most of the security problems in communication. Using modern cryptographic protocols such as SSL, the Internet became as secure as any other networks, including VANs and intranets. "
"Our XML Security Suite will push the security further by introducing new security features such as digital signature, element-wise encryption, and access control that are beyond the capability of the transport-level security protocol such as SSL. Our goal is to contribute to the discussions of standard bodies by providing sample implementations, as well as to supply our advanced technologies to our partners and to hear what they think. In this release of XML Security Suite, we provide reference implementations of DOMHASH, a proposed canonicalized digest value for XML document, and its two sample applications. DOMHASH can be a basis for XML digital signature that is being discussed in both IETF and W3C. "
xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@ic.ac.uk Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1