Add content here.

Add content here.

This document specifies an XML Signature "decryption transform" that enables XML Signature applications to distinguish between those XML Encryption structures that were encrypted before signing (and must not be decrypted) and those that were encrypted after signing (and must be decrypted) for the signature to validate.

XML Signature [XML-DSig] recommends a standard means for specifying information content to be digitally signed and for representing the resulting digital signatures in XML. Some applications require the ability to specify a subset of a given XML document as the information content to be signed. The XML Signature specification meets this requirement with the XPath transform. However, this transform can be difficult to implement efficiently with existing technologies. This specification defines a new XML Signature transform to facilitate the development of efficient document subsetting implementations that interoperate under similar performance profiles.

XML Signature 2.0 evolves the transform model of XML Signature to enable easier and more efficient implementations of the specification.

This document outlines test cases for Canonical XML 2.0, a major revision of XML canonicalization. It currently includes tests from Canonical XML 1.0 and new tests related to XML namespace handling.

Add content here.

This document defines a streamable profile of XPath 1.0 suitable for use with XML Signature 2.0.

This document outlines use cases, requirements and design choices for XML Security 2.0, specifically Canonical XML 2.0 and XML Signature 2.0. It includes a proposed simplification of the XML Signature Transform mechanism, intended to enhance security, performance, streamability and to ease adoption.

This document serves to publish RELAX NG schemas for XML Security specifications, including XML Signature 1.1, and XML Signature Properties.

This document specifies how the XML Signature 2.0 transform model may be used with XML Encryption 1.1 for CipherReference processing.

Add content here.

Add content here.

Generic hybrid ciphers allow for a consistent treatment of asymmetric ciphers when encrypting data and consist of a key encapsulation algorithm with associated parameters and a data encapsulation algorithm with associated parameters. This document augments XML Encryption Version 1.1 by defining algorithms, XML types and elements necessary to enable use of generic hybrid ciphers in XML Security applications.

Add content here.

Add content here.

This document defines interoperability test cases for Canonical XML 1.1 [XML-C14N1.1] and XML Signature Syntax and Processing, Second Edition [XMLDSIG2]. The changes tested include C14N11 handling of attributes in the XML namespace, including xml:id and xml:base, appropriate C14N11 nodeset to octet stream transform processing, modifications to RFC 3986 dot segment processing for C14N11, and RFC 4514 string encoding of Distinguished Names. The tests include standalone C14N11 tests as well as tests integrated with XML signature generation and validation. This document also includes earlier test cases used in XML Signature [XMLDSIG] for regression testing.

This technical note describes how to use the XML Digital Signature Recommendation [XMLDSIG] in a way consistent with the present (fall 2006) XML environment. In particular, this note takes into account the recent xml:id Version 1.0 [XMLID] Recommendation, and work in progress towards a Canonical XML Version 1.1 [C14N11] Recommendation.

This note suggests constraints on the use of XML Signature, and relies on extension points present in the XML Digital Signature Recommendation. This note does not override any aspect of that Recommendation.

This document lists the design principles, scope, and requirements for the XML Digital Signature specification. It includes requirements as they relate to the signature syntax, data model, format, cryptographic processing, and external requirements and coordination.