Using the Elliptic Curve Signature Algorithm (ECDSA) for XML Digital Signatures
RFC 4050
| Document | Type | RFC - Informational (April 2005; No errata) | |
|---|---|---|---|
| Authors | Simon Blake-Wilson , Yongge Wang , Tetsutaro Kobayashi , Gregor Karlinger | ||
| Last updated | 2013-03-02 | ||
| Stream | Independent Submission | ||
| Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
| Stream | ISE state | (None) | |
| Consensus Boilerplate | Unknown | ||
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4050 (Informational) | |
| Action Holders |
(None)
|
||
| Telechat date | |||
| Responsible AD | Russ Housley | ||
| Send notices to | (None) | ||
Network Working Group S. Blake-Wilson
Request for Comments: 4050 BCI
Category: Informational G. Karlinger
CIO Austria
T. Kobayashi
NTT
Y. Wang
UNCC
April 2005
Using the Elliptic Curve Signature Algorithm (ECDSA)
for XML Digital Signatures
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2005).
IESG Note
This document is not a candidate for any level of Internet Standard.
The IETF disclaims any knowledge of the fitness of this document for
any purpose, and in particular notes that it has not had IETF review
for such things as security, congestion control, or inappropriate
interaction with deployed protocols. The RFC Editor has chosen to
publish this document at its discretion. Readers of this document
should exercise caution in evaluating its value for implementation
and deployment.
Abstract
This document specifies how to use Elliptic Curve Digital Signature
Algorithm (ECDSA) with XML Signatures. The mechanism specified
provides integrity, message authentication, and/or signer
authentication services for data of any type, whether located within
the XML that includes the signature or included by reference.
Blake-Wilson, et al. Informational [Page 1]
RFC 4050 ECDSA for XML Digital Signatures April 2005
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. ECDSA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Specifying ECDSA within XMLDSIG . . . . . . . . . . . . . . . 3
3.1. Version, Namespaces, and Identifiers . . . . . . . . . . 3
3.2. XML Schema Preamble and DTD Replacement. . . . . . . . . 4
3.2.1. XML Schema Preamble. . . . . . . . . . . . . . . 4
3.2.2. DTD Replacement. . . . . . . . . . . . . . . . . 4
3.3. ECDSA Signatures . . . . . . . . . . . . . . . . . . . . 4
3.4. ECDSA Key Values . . . . . . . . . . . . . . . . . . . . 4
3.4.1. Key Value Root Element . . . . . . . . . . . . . 4
3.4.2. EC Domain Parameters . . . . . . . . . . . . . . 5
3.4.2.1. Field Parameters . . . . . . . . . . . 6
3.4.2.2. Curve Parameters . . . . . . . . . . . 8
3.4.2.3. Base Point Parameters. . . . . . . . . 9
3.4.3. EC Points . . . . . . . . . . . . . . . . . . . 10
4. Security Considerations . . . . . . . . . . . . . . . . . . . 11
5. Normative References . . . . . . . . . . . . . . . . . . . . . 11
6. Informative References . . . . . . . . . . . . . . . . . . . . 12
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13
Appendix A: Aggregate XML Schema . . . . . . . . . . . . . . . . . 14
Appendix B: Aggregate DTD. . . . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 19
1. Introduction
This document specifies how to use the Elliptic Curve Digital
Signature Algorithm (ECDSA) with XML signatures, as specified in
[XMLDSIG]. [XMLDSIG] defines only two digital signature methods: RSA
and DSA (DSS) signatures. This document introduces ECDSA signatures
as an additional method.
This document uses both XML Schemas [XML-schema] (normative) and DTDs
[XML] (informational) to specify the corresponding XML structures.
2. ECDSA
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the
elliptic curve analogue of the DSA (DSS) signature method
[FIPS-186-2]. It is defined in the ANSI X9.62 standard [X9.62].
Other compatible specifications include FIPS 186-2 [FIPS-186-2], IEEE
1363 [IEEE1363], IEEE 1363a [IEEE1363a], and SEC1 [SEC1]. [RFC3279]
describes ways to carry ECDSA keys in X.509 certificates.
[FIPS-186-2], [SEC2], and [X9.62] provide recommended elliptic curve
domain parameters for use with ECDSA.
Blake-Wilson, et al. Informational [Page 2]
RFC 4050 ECDSA for XML Digital Signatures April 2005
Like DSA, ECDSA incorporates the use of a hash function. Currently,
the only hash function defined for use with ECDSA is the SHA-1
Show full document text