[xmlsec] XML Signature 2.0, C14N2.0 and XPath profile drafts for review

Frederick.Hirsch at nokia.com Frederick.Hirsch at nokia.com
Fri Apr 29 08:18:21 PDT 2011

The XML Security WG has published Last Call documents for XML Security 2.0 and is seeking review and comment on these specifications. Please send comments before 31 May  to the working group public mailing list, public-xmlsec at w3.org

(1) XML Signature 2.0, http://www.w3.org/TR/2011/WD-xmldsig-core2-20110421/

XML Signature 2.0 includes a new transform model designed to address requirements including performance, simplicity and streamability. This model is significantly different than in XML Signature 1.x. XML Signature 2.0 is designed to be backward compatible, however, enabling the XML Signature 1.x model to be used where necessary

(2) Canonical XML 2.0, http://www.w3.org/TR/2011/WD-xml-c14n2-20110421/

Canonical XML Version 2.0 is a major rewrite of Canonical XML Version 1.1 and Exclusive Canonical XML 1.0 to address issues around performance, streaming, hardware implementation, robustness, minimizing attack surface, determining what is signed and more. It combines inclusive and exclusive canonicalization algorithms into a single algorithm, that takes the canonicalization mode as a parameter.


(3) the XML Signature Streaming Profile of XPath 1.0., http://www.w3.org/TR/2011/WD-xmldsig-xpath-20110421/

a streamable profile of XPath 1.0  for use in XML Signature 2.0 

The 2.0 Requirements, an XMLSecurity Algorithms Cross-Reference draft, a RELAX NG Schemas draft and 1.1 and other  documents are at the working group publications page at http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

Thank you

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

More information about the xmlsec mailing list