Pre-release of IBM XML Security Suite


Date:     Mon, 19 Apr 1999 13:02:06 +0900
From:     TAMURA Kent <kent@trl.ibm.co.jp>
To:       xml-dev@ic.ac.uk
Subject:  Pre-release of IBM XML Security Suite

IBM XML Security Suite is available.

      http://204.146.176.227/aw.nsf/html/XML_Security_Suite

NB: This URL is temporary.

The package contains the following:

The package requires JDK 1.1 and Swing 1.1 and an XML parser. The sample dsig implementation requires JDK 1.2.

Please take a look and give us comments if any.

[1] http://www.ietf.org/internet-drafts/draft-hiroshi-dom-hash-01.txt

[2] http://www.ietf.org/internet-drafts/draft-brown-xml-dsig-00.txt


TAMURA, Kent @ Tokyo Research Laboratory, IBM Japan


Excerpts:

"The XML Security Suite provides security features such as digital signature, element-wise encryption, and access control to Internet business-to-business transactions. "

XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customer may have in doing Internet B2B messaging is security. Internet is a public network, and there has been no protection against attacks such as eavesdropping and forgery. If messages are stolen or modified during transmission, B2B messaging will be almost useless. Fortunately, the recent advancement of public-key cryptography has remedied most of the security problems in communication. Using modern cryptographic protocols such as SSL, the Internet became as secure as any other networks, including VANs and intranets. "

"Our XML Security Suite will push the security further by introducing new security features such as digital signature, element-wise encryption, and access control that are beyond the capability of the transport-level security protocol such as SSL. Our goal is to contribute to the discussions of standard bodies by providing sample implementations, as well as to supply our advanced technologies to our partners and to hear what they think. In this release of XML Security Suite, we provide reference implementations of DOMHASH, a proposed canonicalized digest value for XML document, and its two sample applications. DOMHASH can be a basis for XML digital signature that is being discussed in both IETF and W3C. "


xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@ic.ac.uk
Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 
981-02-3594-1