The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

NEWS
Cover Stories
Articles & Papers
Press Releases

CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG

TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps

EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Created: March 26, 2001.
News: Cover StoriesPrevious News ItemNext News Item

New Java Specification Requests for XML Digital Signature and XML Digital Encryption APIs.

Two new JSRs (Java Specification Requests) have been published relating to Java APIs for XML digital signature and encryption, proposed for work under the Java Community Process. The Specification Leads are Anthony Nadalin (IBM) and Sean Mullan (Sun). JSR-000105 for XML Digital Signature APIs will "define a standard set of APIs for XML digital signatures services. The XML Digital Signature specification is defined by the W3C; this proposal is to define and incorporate the high level implementation independent Java APIs." JSR-000106 for XML Digital Encryption APIs will "define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. Today there is no standard set of APIs for XML digital encryption services."

XML Digital Signature APIs [JSR-000105]

"This JSR is to define a standard set of APIs for XML digital signatures services. The XML Digital Signature specification is defined by the W3C. This proposal is to define and incorporate the high level implementation independent Java APIs." Stated motivation: "Today there is no standard of APIs for XML digital signatures services. This JSR provides a Java API to the XML Digital Signature services... There is no existing specification in JDK 2 SDK for accessing XML Digital Signature via a standard set of APIs."

Specification Leads: Anthony Nadalin (IBM) and Sean Mullan (Sun). Comments for JSR-000105: jsr-105-comments@sun.com

From the JSR-000105 web site description:

"This JSR is to define a standard set of APIs for XML digital signatures services. The XML Digital Signature specification is defined by the W3C. XML Signatures can be applied to any digital content (data object), including XML. An XML Signature may be applied to the content of one or more resources. Enveloped or enveloping signatures are over data within the same XML document as the signature; detached signatures are over data external to the signature element. More specifically, the XML Digital Signature specification defines an XML signature element type and an XML signature application; conformance requirements for each are specified by way of schema definitions and prose respectively. The XML Digital Signature specification also includes other useful types that identify methods for referencing collections of resources, algorithms, and keying and management information."

"The XML Digital Signature specifies XML syntax and processing rules for creating and representing digital signatures. The XML Signature is a method of associating a key with referenced data; it does not normatively specify how keys are associated with persons or institutions, nor the meaning of the data being referenced and signed. Consequently, while the XML Digital Signature specification is an important component of secure XML applications, it itself is not sufficient to address all application security/trust concerns, particularly with respect to using signed XML (or other data formats) as a basis of human-to-human communication and agreement. Such an application must specify additional key, algorithm, processing and rendering requirements and developers must give consideration to their application threat models."

XML Digital Encryption APIs [JSR-000106]

Description: This JSR [JSR-00010] is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. Today there is no standard set of APIs for XML digital encryption services. This JSR provides a Java API to the XML Digital encryption services... There is no existing specification in JDK 2 SDK for accessing XML Digital Encryption via a standard set of APIs... This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. The representation of the encrypted data and keying material must be both efficient and flexible while using existing functionality within J2SE. XML encryption must provide consistency and compatibility with exiting XML Digital Signature specification as defined by the W3C. The proposed package name for the API Specification is javax.security.xml.enc. JSR-000106 Specification Lead: Anthony Nadalin (IBM).

Current work: The JSR-000106 cites three "existing documents, specifications, or implementations that describe the technology": (1) W3C/IETF XML Signature specification; (2) Java Cryptography Extension; (3) PKCS Specifications. "These documents describe the XML Digital signature standard developed by the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF), this describes the basic element format and also the Java Cryptography Extension that can be used to form the bases of a set of Java APIs.

Principal references:


Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Bottom Globe Image

Document URI: http://xml.coverpages.org/ni2001-03-26-b.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org