1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta content="Apache Forrest" name="Generator">
<meta name="Forrest-version" content="0.6">
<meta name="Forrest-skin-name" content="pelt">
<title>Frequently Asked Questions</title>
<link type="text/css" href="skin/basic.css" rel="stylesheet">
<link media="screen" type="text/css" href="skin/screen.css" rel="stylesheet">
<link media="print" type="text/css" href="skin/print.css" rel="stylesheet">
<link type="text/css" href="skin/profile.css" rel="stylesheet">
<script src="skin/getBlank.js" language="javascript" type="text/javascript"></script><script src="skin/getMenu.js" language="javascript" type="text/javascript"></script><script src="skin/fontsize.js" language="javascript" type="text/javascript"></script>
</head>
<body onload="init()">
<script type="text/javascript">ndeSetTextSize();</script>
<div id="top">
<!--+
|breadtrail
+-->
<div class="breadtrail">
<a href="http://www.apache.org/">apache</a> > <a href="http://xml.apache.org/">xml.apache</a><script src="skin/breadcrumbs.js" language="JavaScript" type="text/javascript"></script>
</div>
<!--+
|header
+-->
<div class="header">
<!--+
|start group logo
+-->
<div class="grouplogo">
<a href="http:///xml.apache.org"><img class="logoImage" alt="Apache XML" src="images/group-logo.gif"></a>
</div>
<!--+
|end group logo
+-->
<!--+
|start Project Logo
+-->
<div class="projectlogo">
<a href="http://xml.apache.org/security"><img class="logoImage" alt="Apache XML Security" src="images/project-logo.gif"></a>
</div>
<!--+
|end Project Logo
+-->
<!--+
|start Search
+-->
<div class="searchbox">
<form action="http://www.google.com/search" method="get" class="roundtopsmall">
<input value="xml.apache.org/security" name="sitesearch" type="hidden"><input onFocus="getBlank (this, 'Search the site with google:');" value="Search the site with google:" size="25" name="q" id="query" type="text">
<input name="Search" value="Search" type="submit">
</form>
</div>
<!--+
|end search
+-->
<!--+
|start Tabs
+-->
<ul id="tabs">
<li class="current">
<a class="base-selected" href="index.html">Home</a>
</li>
<li>
<a class="base-not-selected" href="Java/index.html">Java</a>
</li>
<li>
<a class="base-not-selected" href="c/index.html">C++</a>
</li>
</ul>
<!--+
|end Tabs
+-->
</div>
</div>
<div id="main">
<div id="publishedStrip">
<!--+
|start Subtabs
+-->
<div id="level2tabs"></div>
<!--+
|end Endtabs
+-->
<script type="text/javascript" language="JavaScript"><!--
document.write("Published: " + document.lastModified);
// --></script>
</div>
<!--+
|breadtrail
+-->
<div class="breadtrail">
</div>
<!--+
|start Menu, mainarea
+-->
<!--+
|start Menu
+-->
<div id="menu">
<div onclick="SwitchMenu('menu_selected_1.1', 'skin/')" id="menu_selected_1.1Title" class="menutitle" style="background-image: url('skin/images/chapter_open.gif');">About</div>
<div id="menu_selected_1.1" class="selectedmenuitemgroup" style="display: block;">
<div class="menuitem">
<a title="" href="index.html">Index</a>
</div>
<div class="menuitem">
<a title="" href="download.html">Download</a>
</div>
<div class="menupage">
<div class="menupagetitle">FAQs</div>
</div>
<div class="menuitem">
<a title="" href="who.html">Who we are</a>
</div>
<div class="menuitem">
<a title="" href="todo.html">Todo</a>
</div>
<div class="menuitem">
<a title="" href="changes.html">Changes</a>
</div>
<div class="menuitem">
<a title="" href="history.html">History</a>
</div>
<div class="menuitem">
<a title="" href="license.html">License</a>
</div>
</div>
<div onclick="SwitchMenu('menu_1.2', 'skin/')" id="menu_1.2Title" class="menutitle">Getting Involved</div>
<div id="menu_1.2" class="menuitemgroup">
<div class="menuitem">
<a title="" href="contrib.html">Contributing</a>
</div>
<div class="menuitem">
<a title="" href="http://cvs.apache.org/viewcvs/xml-security/">CVS</a>
</div>
<div class="menuitem">
<a title="" href="mail-lists.html">Mail lists</a>
</div>
</div>
<div onclick="SwitchMenu('menu_1.3', 'skin/')" id="menu_1.3Title" class="menutitle">References</div>
<div id="menu_1.3" class="menuitemgroup">
<div class="menuitem">
<a title="" href="http://www.w3c.org/Signature/">W3C XML DSig</a>
</div>
<div class="menuitem">
<a title="" href="http://www.w3c.org/Encryption/">W3C XML Enc</a>
</div>
<div class="menuitem">
<a title="" href="http://www.w3c.org/2001/XKMS/">W3C XML XKMS</a>
</div>
</div>
<div id="credit"></div>
<div id="roundbottom">
<img style="display: none" class="corner" height="15" width="15" alt="" src="skin/images/rc-b-l-15-1body-2menu-3menu.png"></div>
<!--+
|alternative credits
+-->
</div>
<!--+
|end Menu
+-->
<!--+
|start content
+-->
<div id="content">
<div id="skinconf-txtlink"></div>
<h1>Frequently Asked Questions</h1>
<a name="N10008"></a><a name="Questions"></a>
<h2 class="h3">Questions</h2>
<div class="section">
<a name="N1000C"></a><a name="mailinglist"></a>
<h3 class="h4">1. Mailinglist</h3>
<a name="N10010"></a><a name="archive"></a>
<h4 class="faq">1.1.
Where's the archive for the list?
</h4>
<div align="right">
<a href="#archive-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
Currently, <a class="external" href="http://news.gmane.org/thread.php?group=gmane.text.xml.security.devel">Gmane</a> holds the messages
of the last two weeks. This service also makes the mailinglist
reachable with a news reader.
</p>
<p>
You can use the ezmlm mailing list controller to recieve previous
messages by email. Send an empty email to <a href="mailto:security-dev-help.at.xml.apache.org">security-dev-help@xml.apache.org</a> for detailed information on how
to use this service
</p>
</div>
<a name="N10023"></a><a name="general"></a>
<h3 class="h4">2. Required background</h3>
<a name="N10027"></a><a name="XML-general"></a>
<h4 class="faq">2.1.
Where can I learn about XML?
</h4>
<div align="right">
<a href="#XML-general-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
There are plenty of resources on the web, just use any search
engine. You might start at <a class="external" href="http://www.ucc.ie/xml/">XMLFAQ</a> or <a class="external" href="http://www.zvon.org/">ZVON</a>.
</p>
</div>
<a name="N10037"></a><a name="XMLDSig"></a>
<h4 class="faq">2.2.
Where can I learn about XML Digital Signatures?
</h4>
<div align="right">
<a href="#XMLDSig-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The best place to start is <a class="external" href="http://www.w3c.org/Signature"> W3C XML-Signature Syntax and Processing </a>. Links on XML
security in general can be found on <a class="external" href="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/xml_security.html">The XML Security Page </a>.
</p>
</div>
<a name="N10047"></a><a name="XMLEnc"></a>
<h4 class="faq">2.3.
Where can I learn about XML Encryption?
</h4>
<div align="right">
<a href="#XMLEnc-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The best place to start is <a class="external" href="http://www.w3c.org/Encryption">W3C XML Encryption Syntax and Processing</a>. Links on XML
security in general can be found on <a class="external" href="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/xml_security.html">The XML Security Page</a>.
</p>
</div>
<a name="N10057"></a><a name="Crypto"></a>
<h4 class="faq">2.4.
Where can I learn about Cryptography in general?
</h4>
<div align="right">
<a href="#Crypto-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
A lot of resources exist on the web, including the 'green bible' for
cryptography: <a class="external" href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied Cryptography</a>. The Handbook of Applied Cryptography is completely online and
it should satisfy most of your cryptographic hunger. Disadvantage of
it is that it goes rather deep, so it isn't a executive overview or a
"Learn XYZ in 21 days"-book
</p>
</div>
<a name="N10063"></a><a name="xmldsig"></a>
<h3 class="h4">3. XMLDSig questions</h3>
<a name="N10067"></a><a name="env-transf"></a>
<h4 class="faq">3.1.
What is the enveloped transform?
</h4>
<div align="right">
<a href="#env-transf-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
The enveloped transform is a special transform that enables the use of
so-called enveloped signatures.
</p>
<p>
Enveloped signatures are signatures over an entire XML document, for
which the <span class="codefrag"><Signature></span> element is included in the
document itself. An example could be:
</p>
<pre class="code">
<?xml version="1.0" encoding="UTF-8"?>
<Root>
<SomeContent>
...
</SomeContent><em>
<ds:Signature>
<ds:SignedInfo>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
</ds:Reference>
</ds:SignedInfo>
....
</ds:Signature></em>
</Root>
</pre>
<p>
The <span class="codefrag">Reference</span> indicates that <span class="codefrag">Root</span> and it's
descendants (except for comments) are signed, but the
<span class="codefrag">Transform</span> element says to throw out the
<span class="codefrag">Signature</span> element (that is the parent of this
<span class="codefrag">Reference</span>) from the stream that is to be signed. Note
that if there are other
<span class="codefrag">Signature</span> elements in <span class="codefrag">Root</span>, they will remain
untouched.
</p>
</div>
<a name="N10094"></a><a name="c14N"></a>
<h4 class="faq">3.2.
What's the difference between C14N and ExclC14N?
</h4>
<div align="right">
<a href="#c14N-menu">^</a>
</div>
<div style="margin-left: 15px">
<p>
C14N was introduced to solve some problems that arise when signing
XML. Because XML allows to change the representation of an XML document
without changing the actual content, signatures may break when
different parsers are used to generate and verify the signature. A simple
example of such an allowed change is changing the order of attributes
within an element. (That is solved by C14N by sorting the attributes by
alphabet)
</p>
<p>
Because a C14N'ed XML fragment inherits all the namespace declarations
from it's ancestors, it is not possible to embed a signed XML fragment
into a document that has other namespace declarations.
</p>
<p>
This is solved by ExclC14N. ExclC14N takes extra information as input
in which you can specify which of the ancestor's namespaces should be
included.
</p>
<p>
For more information on this topic, have a look at the C14N and
ExclC14N sections of the <a class="external" href="http://www.w3c.org/Signature">W3C XMLDSig WG</a>.
</p>
</div>
</div>
</div>
<!--+
|end content
+-->
<div class="clearboth"> </div>
</div>
<div id="footer">
<!--+
|start bottomstrip
+-->
<div class="lastmodified">
<script type="text/javascript"><!--
document.write("Last Published: " + document.lastModified);
// --></script>
</div>
<div class="copyright">
Copyright © 2002-2005 The Apache Software Foundation.</div>
<!--+
|end bottomstrip
+-->
</div>
</body>
</html>
|