RFC 2807 (rfc2807) - Page 2 of 9

XML Signature Requirements

Alternative Format: Original Text Document
< Previous
Next >
RFC 2807               XML Signature Requirements              July 2000


   This document lists the design principles, scope, and requirements
   over three things: (1) the scope of work available to the WG, (2) the
   XML signature specification, and (3) applications that implement the
   specification. It includes requirements as they relate to the
   signature syntax, data model, format, cryptographic processing, and
   external requirements and coordination. Those things that are
   required are designated as "must", those things that are optional are
   designated by "may", those things that are optional but recommended
   are designated as "should".

2. Design Principles and Scope

   1. The specification must describe how to sign digital content, and
      XML content in particular. The XML syntax used to represent a
      signature (over any content) is described as an XML Signature.
      [Charter]
   2. XML Signatures are generated from a hash over the canonical form
      of a signature manifest. (In this document we use the term
      manifest to mean a collection of references to the objects being
      signed. The specifications may use the terms manifest, package or
      other terms differently from this document while still meeting
      this requirement.) The manifest must support references to Web
      resources, the hash of the resource content (or its canonicalized
      form), and (optionally) the resource content type. [Brown,
      List(Solo)] Web resources are defined as any digital content that
      can be addressed using the syntax of XLink locator [XLink]).
   3. The meaning of a signature is simple:  The XML Signature syntax
      associates the content of resources listed in a manifest with a
      key via a strong one-way transformation.
      1. The XML Signature syntax must be extensible such that it can
         support arbitrary application/trust semantics and assertion
         capabilities -- that can also be signed.
         [Charter(Requirement1&4), List(Bugbee, Solo)]
      2. The WG is not chartered to specify trust semantics, but syntax
         and processing rules necessary for communicating signature
         validity (authenticity, integrity and non-repudiation).
         [Charter(Requirement1)] At the Chairs' discretion and in order
         to test the extensibility of the syntax, the WG may produce
         non-critical-path proposals defining common semantics (e.g.,
         manifest, package, timestamps, endorsement, etc.) relevant to
         signed assertions about Web resources in a schema definition
         [XML, RDF] or link type definition [XLink].
      Comment: A more formal definition of a signed resource is below.
      The notation is "definition(inputs):constraints" where definition
      evaluates as true for the given inputs and specified constraints.
      signed-resource(URI-of-resource, content, key, signature): (there
      was some protocol message at a specific time such that "GET(URI-
      of-resource) = content") AND (sign-doc(content, key, sig))



Reagle                       Informational
< Previous
Next >