A posting from Takeshi Imamura (Tokyo Research Laboratory, IBM Research) reports on the availability of an experimental implementation of [W3C] XML Encryption Syntax and Processing Version 1.0. Support is implemented in the updated version of the XML Security Suite from alphaWorks. The IBM XML Security Suite "provides security features such as digital signature, element-wise encryption, and access control to Internet business-to-business transactions. The new experimental support for the W3C XML Encryption proposal enables one to encrypt/decrypt arbitrary binary data, an XML element, or its content. The XML Schema definition of XACL [XML Access Control Language] syntax is introduced." Also featured in the IBM implementation is W3C/IETF XML-Signature support conforming to the new Candidate Recommendation of 19-April-2001.
From the Introduction to the XML Encryption Syntax and Processing specification: "This document specifies how to encrypt data in an XML-conformant manner. It describes how to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include it in an XML document. The technical requirements upon which this specification is based are summarized in Section 2. Subsequent Sections describe the XML Encryption syntax, processing rules, and XML Encryption schema along with selected examples of using this technology..."
From the XML Security Suite description:
XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customers may have in doing Internet B2B messaging is security. The Internet is a public network, and there has been no protection against attacks such as eavesdropping and forgery. If messages are stolen or modified during transmission, B2B messaging will be almost useless. Fortunately, the recent advancement of public-key cryptography has remedied most of the security problems in communication. Using modern cryptographic protocols such as SSL, the Internet became as secure as any other network, including VANs and intranets.
Our XML Security Suite will push the security further by introducing new security features such as digital signature, element-wise encryption, and access control that are beyond the capability of transport-level security protocols such as SSL. Our goal is to contribute to the discussions of standards bodies by providing sample implementations, as well as to supply our advanced technologies to our partners and to hear what they think. In this release of XML Security Suite, we provide reference implementations of DOMHASH, a proposed canonicalized digest value for XML documents, and its two sample applications. DOMHASH can be a basis for XML digital signature that is being discussed in both IETF and W3C.
Principal references:
- IBM XML Security Suite
- XML Security Suite - XACL XSD files, [source]
- Announcement - XML Encryption Implementation
- [W3C] XML Encryption Syntax and Processing Version 1.0
- W3C XML Encryption Working Group
- Mailing list archives for 'xml-encryption'
- W3C/IETF XML-Signature
- XML-Signature Syntax and Processing. W3C Candidate Recommendation 19-April-2001
- Contact: Takeshi Imamura
- "XML Access Control Language (XACL)" - Main reference page.
- "XML and Encryption" - Main reference page.