(Extensible Markup Language) XML-Signature Syntax and Processing
RFC 3275

Document Type RFC - Draft Standard (March 2002; Errata)
Obsoletes RFC 3075
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state RFC 3275 (Draft Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                    D. Eastlake 3rd
Request for Comments: 3275                                      Motorola
Obsoletes: 3075                                                J. Reagle
Category: Standards Track                                            W3C
                                                                 D. Solo
                                                               Citigroup
                                                              March 2002

    (Extensible Markup Language) XML-Signature Syntax and Processing

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

   Copyright Notice

   Copyright (c) 2002 The Internet Society & W3C (MIT, INRIA, Keio), All
   Rights Reserved.

Abstract

   This document specifies XML (Extensible Markup Language) digital
   signature processing rules and syntax.  XML Signatures provide
   integrity, message authentication, and/or signer authentication
   services for data of any type, whether located within the XML that
   includes the signature or elsewhere.

Table of Contents

   1. Introduction...................................................  3
   1.1 Editorial and Conformance Conventions.........................  4
   1.2 Design Philosophy.............................................  4
   1.3 Versions, Namespaces and Identifiers..........................  4
   1.4 Acknowledgements..............................................  6
   1.5 W3C Status....................................................  6
   2. Signature Overview and Examples................................  7
   2.1 Simple Example (Signature, SignedInfo, Methods, and References) 8
   2.1.1 More on Reference...........................................  9
   2.2 Extended Example (Object and SignatureProperty)............... 10
   2.3 Extended Example (Object and Manifest)........................ 12
   3.0 Processing Rules.............................................. 13
   3.1 Core Generation............................................... 13
   3.1.1 Reference Generation........................................ 13

Eastlake, et al.            Standards Track                     [Page 1]
RFC 3275          XML-Signature Syntax and Processing         March 2002

   3.1.2 Signature Generation........................................ 13
   3.2 Core Validation............................................... 14
   3.2.1 Reference Validation........................................ 14
   3.2.2 Signature Validation........................................ 15
   4.0 Core Signature Syntax......................................... 15
   4.0.1 The ds:CryptoBinary Simple Type............................. 17
   4.1 The Signature element......................................... 17
   4.2 The SignatureValue Element.................................... 18
   4.3 The SignedInfo Element........................................ 18
   4.3.1 The CanonicalizationMethod Element.......................... 19
   4.3.2 The SignatureMethod Element................................. 21
   4.3.3 The Reference Element....................................... 21
   4.3.3.1 The URI Attribute......................................... 22
   4.3.3.2 The Reference Processing Model............................ 23
   4.3.3.3 Same-Document URI-References.............................. 25
   4.3.3.4 The Transforms Element.................................... 26
   4.3.3.5 The DigestMethod Element.................................. 28
   4.3.3.6 The DigestValue Element................................... 28
   4.4 The KeyInfo Element........................................... 29
   4.4.1 The KeyName Element......................................... 31
   4.4.2 The KeyValue Element........................................ 31
   4.4.2.1 The DSAKeyValue Element................................... 32
   4.4.2.2 The RSAKeyValue Element................................... 33
   4.4.3 The RetrievalMethod Element................................. 34
   4.4.4 The X509Data Element........................................ 35
   4.4.5 The PGPData Element......................................... 38
   4.4.6 The SPKIData Element........................................ 39
   4.4.7 The MgmtData Element........................................ 40
   4.5 The Object Element............................................ 40
   5.0 Additional Signature Syntax................................... 42
   5.1 The Manifest Element.......................................... 42
   5.2 The SignatureProperties Element............................... 43
   5.3 Processing Instructions in Signature Elements................. 44
Show full document text