The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

NEWS
Cover Stories
Articles & Papers
Press Releases

CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG

TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps

EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Created: March 04, 2002.
News: Cover StoriesPrevious News ItemNext News Item

W3C XML Encryption Working Group Releases Candidate Recommendation Specifications.

The W3C XML Encryption Working Group has published an updated XML Encryption Requirements document and has approved the release of XML Encryption Syntax and Processing and Decryption Transform for XML Signature as Candidate Recommendation specifications. The working group expects to meet the exit criteria for the two CRs, but solicits additional feedback (until April 25, 2002) based upon on implementation experience. The requirements specification outlines "the design principles, scope, and requirements for XML Encryption; it includes requirements as they relate to the encryption syntax, data model, format, cryptographic processing, and external requirements and coordination." The core specification for XML Encryption Syntax and Processing defines "a process for encrypting data and representing the result in XML. The data may be arbitrary data (including an XML document), an XML element, or XML element content. The result of encrypting data is an XML Encryption EncryptedData element which contains (via one of its children's content) or identifies (via a URI reference) the cipher data. When encrypting an XML element or element content the EncryptedData element replaces the element or content (respectively) in the encrypted version of the XML document. When encrypting arbitrary data (including entire XML documents), the EncryptedData element may become the root of a new XML document or become a child element in an application-chosen XML document." The Decryption Transform document " specifies an XML Signature "decryption transform" that enables XML Signature applications to distinguish between those XML Encryption structures that were encrypted before signing (and must not be decrypted) and those that were encrypted after signing (and must be decrypted) for the signature to validate."

Candidate Recommendation phase exit criteria. For the XML Encryption Syntax and Processing CR, the exit criteria is "at least two interoperable implementations over every feature, one implementation of all features, and one report of satisfaction in an application context (e.g. SOAP, SAML, etc.)... Specific areas where [the WG] would appreciate further experience are: (1) Do implementations achieve satisfactory performance? (2) Does the specification satisfy application scenario requirements for encrypting portions of XML, particularly as they relate to document validity? For the Decryption Transform for XML Signature CR, the exit criteria is "at least two interoperable implementations of this transform with acceptable performance. The interoperability of this specification will be demonstrated as an algorithm in the XML Encryption Syntax and Processing Interoperability Report. Specific areas where [the WG] would appreciate further experience are: (1) Do implementations achieve satisfactory performance? (2) Does the specification satisfy application scenario requirements for encrypting and signing portions of XML?"

Bibliographic information:

From the W3C XML Encryption Activity Statement: "Encryption renders data (plain-text) confidential (cipher-text) such that it can be safely stored or transmitted and only the intended recipients can restore the data to its original form. This feature is important given that many applications are using the Internet to exchange sensitive information such as payment and purchase orders. In view of recent Web technology developments, the work of the XML Encryption Activity is to specify XML encryption syntax and processing for encrypting XML in whole or part (e.g., element). This can then be used by XML applications, such as XML Protocol..."


Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Bottom Globe Image

Document URI: http://xml.coverpages.org/ni2002-03-04-a.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org