IETF status of XML Security - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

IETF status of XML Security

Description:

requires signatures including both public key and secret key (keyed hashes). Requires canonicalization due to messages parts ... at Minneapolis IETF Meeting ... – PowerPoint PPT presentation

Number of Views:19
Avg rating:3.0/5.0
Slides: 8
Provided by: IBMU427
Category:

less

Transcript and Presenter's Notes

Title: IETF status of XML Security


1
IETFstatus of XML Security
  • Donald E. Eastlake, 3rd
  • ltdee3_at_us.ibm.comgt, 1-914-784-7913
  • 15 April 1999

2
Origin
  • Requirements of the Internet Open Trading
    Protocol, IOTP, now in the TRADE WG
  • requires signatures including both public key and
    secret key (keyed hashes).
  • Requires canonicalization due to messages parts
    included in later messages, etc.
  • Plus other XML in IETF lead to call for the
    formation of an IETF WG.

3
Internet-Drafts
  • draft-hiroshi-dom-hash-01.txt
  • DOM Hash draft. Likely IETF WG input.
  • draft-brown-xml-dsig-00.txt
  • Richard Brown draft. Likely IETF WG input.
  • draft-ietf-trade-iotp-v1.0-dsig-00.txt
  • TRADE WG draft. Based on Brown draft. Being
    adopted as part of v1.0 because needed now for
    implementation.
  • Available at many locations including
    http//www.ietf.org/internet-drafts/

4
March 1999 XMLDSIG BoFat Minneapolis IETF Meeting
  • BoF exploratory meeting to determine if IETF
    criterion are met for the formation of a WG
  • Attendence 157, a high degree of interest
  • Unaminous that this is an important area
  • 3 to 1 with about 1/3 voting that its urgent,
    i.e. should be standarized before 2000
  • 40-50 would be active in an IETF WG
  • Does not want to step on W3C toes

5
Typical WG Formation Process
  • IETF community interest, mailing list created
    ltxml-dsig_at_socratic.orggt
  • Preliminary drafts created.
  • Area Director (AD) sponsors BoF, draft charter
    considered.
  • XMLDSIG is at this point pending W3C workshop
    outcome
  • AD recommends WG to IESG.
  • IESG, with input from IAB, creates WG.

6
IETFstatus of XML Security
  • END

7
2 Points of View on Signatures
  • Documentary
  • Signatures attach to documents / resources or
    generally formulated descriptions thereof.
  • Specifying semantics of signature critical.
  • Canonicalization not too important. Document is
    in whatever form it is in.
  • Public key.
  • Protocol
  • Signatures attach to parts of protocol messages.
  • Protocol description pre-specifies all semantics
    of signature.
  • Canonicalization critical for message parts
    incorporated into other messages.
  • Public and secret key.
Write a Comment
User Comments (0)
About PowerShow.com