1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta content="Apache Forrest" name="Generator">
<meta name="Forrest-version" content="0.6">
<meta name="Forrest-skin-name" content="pelt">
<title>Frequently Asked Questions</title>
<link type="text/css" href="skin/basic.css" rel="stylesheet">
<link media="screen" type="text/css" href="skin/screen.css" rel="stylesheet">
<link media="print" type="text/css" href="skin/print.css" rel="stylesheet">
<link type="text/css" href="skin/profile.css" rel="stylesheet">
<script src="skin/getBlank.js" language="javascript" type="text/javascript"></script><script src="skin/getMenu.js" language="javascript" type="text/javascript"></script><script src="skin/fontsize.js" language="javascript" type="text/javascript"></script>
</head>
<body onload="init()">
<script type="text/javascript">ndeSetTextSize();</script>
<div id="top">
<!--+
|breadtrail
+-->
<div class="breadtrail">
<a href="http://www.apache.org/">apache</a> > <a href="http://xml.apache.org/">xml.apache</a><script src="skin/breadcrumbs.js" language="JavaScript" type="text/javascript"></script>
</div>
<!--+
|header
+-->
<div class="header">
<!--+
|start group logo
+-->
<div class="grouplogo">
<a href="http:///xml.apache.org"><img class="logoImage" alt="Apache XML" src="images/group-logo.gif"></a>
</div>
<!--+
|end group logo
+-->
<!--+
|start Project Logo
+-->
<div class="projectlogo">
<a href="http://xml.apache.org/security"><img class="logoImage" alt="Apache XML Security" src="images/project-logo.gif"></a>
</div>
<!--+
|end Project Logo
+-->
<!--+
|start Search
+-->
<div class="searchbox">
<form action="http://www.google.com/search" method="get" class="roundtopsmall">
<input value="xml.apache.org/security" name="sitesearch" type="hidden"><input onFocus="getBlank (this, 'Search the site with google:');" value="Search the site with google:" size="25" name="q" id="query" type="text">
<input name="Search" value="Search" type="submit">
</form>
</div>
<!--+
|end search
+-->
<!--+
|start Tabs
+-->
<ul id="tabs">
<li class="current">
<a class="base-selected" href="index.html">Home</a>
</li>
<li>
<a class="base-not-selected" href="Java/index.html">Java</a>
</li>
<li>
<a class="base-not-selected" href="c/index.html">C++</a>
</li>
</ul>
<!--+
|end Tabs
+-->
</div>
</div>
<div id="main">
<div id="publishedStrip">
<!--+
|start Subtabs
+-->
<div id="level2tabs"></div>
<!--+
|end Endtabs
+-->
<script type="text/javascript" language="JavaScript"><!--
document.write("Published: " + document.lastModified);
// --></script>
</div>
<!--+
|breadtrail
+-->
<div class="breadtrail">
</div>
<!--+
|start Menu, mainarea
+-->
<!--+
|start Menu
+-->
<div id="menu">
<div onclick="SwitchMenu('menu_selected_1.1', 'skin/')" id="menu_selected_1.1Title" class="menutitle" style="background-image: url('skin/images/chapter_open.gif');">About</div>
<div id="menu_selected_1.1" class="selectedmenuitemgroup" style="display: block;">
<div class="menuitem">
<a title="" href="index.html">Index</a>
</div>
<div class="menuitem">
<a title="" href="download.html">Download</a>
</div>
<div class="menupage">
<div class="menupagetitle">FAQs</div>
</div>
<div class="menuitem">
<a title="" href="who.html">Who we are</a>
</div>
<div class="menuitem">
<a title="" href="todo.html">Todo</a>
</div>
<div class="menuitem">
<a title="" href="changes.html">Changes</a>
</div>
<div class="menuitem">
<a title="" href="history.html">History</a>
</div>
<div class="menuitem">
<a title="" href="license.html">License</a>
</div>
</div>
<div onclick="SwitchMenu('menu_1.2', 'skin/')" id="menu_1.2Title" class="menutitle">Getting Involved</div>
<div id="menu_1.2" class="menuitemgroup">
<div class="menuitem">
<a title="" href="contrib.html">Contributing</a>
</div>
<div class="menuitem">
<a title="" href="http://cvs.apache.org/viewcvs/xml-security/">CVS</a>
</div>
<div class="menuitem">
<a title="" href="mail-lists.html">Mail lists</a>
</div>
</div>
<div onclick="SwitchMenu('menu_1.3', 'skin/')" id="menu_1.3Title" class="menutitle">References</div>
<div id="menu_1.3" class="menuitemgroup">
<div class="menuitem">
<a title="" href="http://www.w3c.org/Signature/">W3C XML DSig</a>
</div>
<div class="menuitem">
<a title="" href="http://www.w3c.org/Encryption/">W3C XML Enc</a>
</div>
<div class="menuitem">
<a title="" href="http://www.w3c.org/2001/XKMS/">W3C XML XKMS</a>
</div>
</div>
<div id="credit"></div>
<div id="roundbottom">
<img style="display: none" class="corner" height="15" width="15" alt="" src="skin/images/rc-b-l-15-1body-2menu-3menu.png"></div>
<!--+
|alternative credits
+-->
</div>
<!--+
|end Menu
+-->
<!--+
|start content
+-->
<div id="content">
<div id="skinconf-txtlink"></div>
<h1>Frequently Asked Questions</h1>
<a name="N10008"></a><a name="Questions"></a>
<h2 class="h3">Questions</h2>
<div class="section">
<a name="N1000C"></a><a name="mailinglist"></a>
<h3 class="h4">1. Mailinglist</h3>
<a name="N10010"></a><a name="archive"></a>
<h4 class="faq">1.1.
Where's the archive for the list?
</h4>
<div align="right">
<a href="#archive-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
Currently, <a class="external" href="http://news.gmane.org/thread.php?group=gmane.text.xml.security.devel">Gmane</a> holds the messages
of the last two weeks. This service also makes the mailinglist
reachable with a news reader.
</p>
<p>
You can use the ezmlm mailing list controller to recieve previous
messages by email. Send an empty email to <a href="mailto:security-dev-help.at.xml.apache.org">security-dev-help@xml.apache.org</a> for detailed information on how
to use this service
</p>
</div>
<a name="N10023"></a><a name="general"></a>
<h3 class="h4">2. Required background</h3>
<a name="N10027"></a><a name="XML-general"></a>
<h4 class="faq">2.1.
Where can I learn about XML?
</h4>
<div align="right">
<a href="#XML-general-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
There are plenty of resources on the web, just use any search
engine. You might start at <a class="external" href="http://www.ucc.ie/xml/">XMLFAQ</a> or <a class="external" href="http://www.zvon.org/">ZVON</a>.
</p>
</div>
<a name="N10037"></a><a name="XMLDSig"></a>
<h4 class="faq">2.2.
Where can I learn about XML Digital Signatures?
</h4>
<div align="right">
<a href="#XMLDSig-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The best place to start is <a class="external" href="http://www.w3c.org/Signature"> W3C XML-Signature Syntax and Processing </a>. Links on XML
security in general can be found on <a class="external" href="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/xml_security.html">The XML Security Page </a>.
</p>
</div>
<a name="N10047"></a><a name="XMLEnc"></a>
<h4 class="faq">2.3.
Where can I learn about XML Encryption?
</h4>
<div align="right">
<a href="#XMLEnc-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The best place to start is <a class="external" href="http://www.w3c.org/Encryption">W3C XML Encryption Syntax and Processing</a>. Links on XML
security in general can be found on <a class="external" href="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/xml_security.html">The XML Security Page</a>.
</p>
</div>
<a name="N10057"></a><a name="Crypto"></a>
<h4 class="faq">2.4.
Where can I learn about Cryptography in general?
</h4>
<div align="right">
<a href="#Crypto-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
A lot of resources exist on the web, including the 'green bible' for
cryptography: <a class="external" href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied Cryptography</a>. The Handbook of Applied Cryptography is completely online and
it should satisfy most of your cryptographic hunger. Disadvantage of
it is that it goes rather deep, so it isn't a executive overview or a
"Learn XYZ in 21 days"-book
</p>
</div>
<a name="N10063"></a><a name="xmldsig"></a>
<h3 class="h4">3. XMLDSig questions</h3>
<a name="N10067"></a><a name="env-transf"></a>
<h4 class="faq">3.1.
What is the enveloped transform?
</h4>
<div align="right">
<a href="#env-transf-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The enveloped transform is a special transform that enables the use of
so-called enveloped signatures.
</p>
<p>
Enveloped signatures are signatures over an entire XML document, for
which the <span class="codefrag"><Signature></span> element is included in the
document itself. An example could be:
</p>
<pre class="code">
<?xml version="1.0" encoding="UTF-8"?>
<Root>
<SomeContent>
...
</SomeContent><em>
<ds:Signature>
<ds:SignedInfo>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
</ds:Reference>
</ds:SignedInfo>
....
</ds:Signature></em>
</Root>
</pre>
<p>
The <span class="codefrag">Reference</span> indicates that <span class="codefrag">Root</span> and it's
descendants (except for comments) are signed, but the
<span class="codefrag">Transform</span> element says to throw out the
<span class="codefrag">Signature</span> element (that is the parent of this
<span class="codefrag">Reference</span>) from the stream that is to be signed. Note
that if there are other
<span class="codefrag">Signature</span> elements in <span class="codefrag">Root</span>, they will remain
untouched.
</p>
</div>
<a name="N10094"></a><a name="c14N"></a>
<h4 class="faq">3.2.
What's the difference between C14N and ExclC14N?
</h4>
<div align="right">
<a href="#c14N-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
C14N was introduced to solve some problems that arise when signing
XML. Because XML allows to change the representation of an XML document
without changing the actual content, signatures may break when
different parsers are used to generate and verify the signature. A simple
example of such an allowed change is changing the order of attributes
within an element. (That is solved by C14N by sorting the attributes by
alphabet)
</p>
<p>
Because a C14N'ed XML fragment inherits all the namespace declarations
from it's ancestors, it is not possible to embed a signed XML fragment
into a document that has other namespace declarations.
</p>
<p>
This is solved by ExclC14N. ExclC14N takes extra information as input
in which you can specify which of the ancestor's namespaces should be
included.
</p>
<p>
For more information on this topic, have a look at the C14N and
ExclC14N sections of the <a class="external" href="http://www.w3c.org/Signature">W3C XMLDSig WG</a>.
</p>
</div>
</div>
</div>
<!--+
|end content
+-->
<div class="clearboth"> </div>
</div>
<div id="footer">
<!--+
|start bottomstrip
+-->
<div class="lastmodified">
<script type="text/javascript"><!--
document.write("Last Published: " + document.lastModified);
// --></script>
</div>
<div class="copyright">
Copyright © 2002-2005 The Apache Software Foundation.</div>
<!--+
|end bottomstrip
+-->
</div>
</body>
</html>
|
