1 / 7

IETF status of XML Security

IETF status of XML Security. Donald E. Eastlake, 3rd <dee3@us.ibm.com>, 1-914-784-7913 15 April 1999. Origin. Requirements of the Internet Open Trading Protocol, IOTP, now in the TRADE WG: requires signatures including both public key and secret key (keyed hashes).

mlavigne
Download Presentation

IETF status of XML Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IETFstatus of XML Security Donald E. Eastlake, 3rd <dee3@us.ibm.com>, 1-914-784-7913 15 April 1999

  2. Origin • Requirements of the Internet Open Trading Protocol, IOTP, now in the TRADE WG: • requires signatures including both public key and secret key (keyed hashes). • Requires canonicalization due to messages parts included in later messages, etc. • Plus other XML in IETF lead to call for the formation of an IETF WG.

  3. Internet-Drafts • draft-hiroshi-dom-hash-01.txt • DOM Hash draft. Likely IETF WG input. • draft-brown-xml-dsig-00.txt • Richard Brown draft. Likely IETF WG input. • draft-ietf-trade-iotp-v1.0-dsig-00.txt • TRADE WG draft. Based on Brown draft. Being adopted as part of v1.0 because needed now for implementation. • Available at many locations including: http://www.ietf.org/internet-drafts/*

  4. March 1999 XMLDSIG BoFat Minneapolis IETF Meeting • BoF: exploratory meeting to determine if IETF criterion are met for the formation of a WG • Attendence: 157, a high degree of interest • Unaminous that this is an important area • 3 to 1 with about 1/3 voting that it’s urgent, i.e. should be standarized before 2000 • 40-50 would be active in an IETF WG • Does not want to step on W3C toes

  5. Typical WG Formation Process • IETF community interest, mailing list created <xml-dsig@socratic.org> • Preliminary drafts created. • Area Director (AD) sponsors BoF, draft charter considered. • {XMLDSIG is at this point pending W3C workshop outcome} • AD recommends WG to IESG. • IESG, with input from IAB, creates WG.

  6. IETFstatus of XML Security END

  7. Documentary: Signatures attach to documents / resources or generally formulated descriptions thereof. Specifying semantics of signature critical. Canonicalization not too important. Document is in whatever form it is in. Public key. Protocol: Signatures attach to parts of protocol messages. Protocol description pre-specifies all semantics of signature. Canonicalization critical for message parts incorporated into other messages. Public and secret key. 2 Points of View on Signatures

More Related