Using the Elliptic Curve Signature Algorithm (ECDSA) for XML Digital Signatures
RFC 4050
| Field | Value |
|---|---|
| Type | RFC - Informational (April 2005; no errata) |
| Authors | Simon Blake-Wilson, Yongge Wang, Tetsutaro Kobayashi, Gregor Karlinger |
| Last updated | 2013-03-02 |
| Stream | Independent Submission |
| ISE state | (None) |
| Consensus boilerplate | Unknown |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 4050 (Informational) |
| Responsible AD | Russ Housley |
Network Working Group: S. Blake-Wilson (BCI), G. Karlinger (CIO Austria), T. Kobayashi (NTT), Y. Wang (UNCC)
Request for Comments: 4050
Category: Informational
April 2005

Using the Elliptic Curve Signature Algorithm (ECDSA) for XML Digital Signatures

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2005).

IESG Note

This document is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this document for any purpose, and in particular notes that it has not had IETF review for such things as security, congestion control, or inappropriate interaction with deployed protocols. The RFC Editor has chosen to publish this document at its discretion. Readers of this document should exercise caution in evaluating its value for implementation and deployment.

Abstract

This document specifies how to use the Elliptic Curve Digital Signature Algorithm (ECDSA) with XML Signatures. The mechanism specified provides integrity, message authentication, and/or signer authentication services for data of any type, whether located within the XML that includes the signature or included by reference.

Blake-Wilson, et al. Informational [Page 1]
RFC 4050 ECDSA for XML Digital Signatures April 2005

Table of Contents

1. Introduction
2. ECDSA
3. Specifying ECDSA within XMLDSIG
   3.1. Version, Namespaces, and Identifiers
   3.2. XML Schema Preamble and DTD Replacement
      3.2.1. XML Schema Preamble
      3.2.2. DTD Replacement
   3.3. ECDSA Signatures
   3.4. ECDSA Key Values
      3.4.1. Key Value Root Element
      3.4.2. EC Domain Parameters
         3.4.2.1. Field Parameters
         3.4.2.2. Curve Parameters
         3.4.2.3. Base Point Parameters
      3.4.3. EC Points
4. Security Considerations
5. Normative References
6. Informative References
7. Acknowledgements
Appendix A: Aggregate XML Schema
Appendix B: Aggregate DTD
Authors' Addresses
Full Copyright Statement

1. Introduction

This document specifies how to use the Elliptic Curve Digital Signature Algorithm (ECDSA) with XML signatures, as specified in [XMLDSIG]. [XMLDSIG] defines only two digital signature methods: RSA and DSA (DSS) signatures. This document introduces ECDSA signatures as an additional method.

This document uses both XML Schemas [XML-schema] (normative) and DTDs [XML] (informational) to specify the corresponding XML structures.

2. ECDSA

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the DSA (DSS) signature method [FIPS-186-2]. It is defined in the ANSI X9.62 standard [X9.62]. Other compatible specifications include FIPS 186-2 [FIPS-186-2], IEEE 1363 [IEEE1363], IEEE 1363a [IEEE1363a], and SEC1 [SEC1]. [RFC3279] describes ways to carry ECDSA keys in X.509 certificates. [FIPS-186-2], [SEC2], and [X9.62] provide recommended elliptic curve domain parameters for use with ECDSA.

Like DSA, ECDSA incorporates the use of a hash function. Currently, the only hash function defined for use with ECDSA is the SHA-1
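ECDSA's output is the integer pair (r, s), and section 3.3 of this RFC (only listed in the table of contents above) requires the XML SignatureValue to be the base64 encoding of r and s each converted with I2OSP to the byte length of the curve's base point order (32 for P-256, 66 for P-521) and concatenated, not the DER SEQUENCE that most cryptographic libraries emit. The converter below is an added example and not code from the RFC or any XMLDSIG project: the function names and the ORDER_LEN table are its own, the P-384 entry is an addition, and rs_to_der exists only to construct sample input.

```python
import base64

ORDER_LEN = {"P-256": 32, "P-384": 48, "P-521": 66}  # l = byte length of the base point order

def _der_len(buf, i):
    """Decode a DER length (short or long form) at buf[i] -> (length, next index)."""
    if buf[i] < 0x80:
        return buf[i], i + 1
    n = buf[i] & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def _der_len_enc(n):  # DER length encoder, used only to construct sample input
    if n < 0x80:
        return bytes([n])
    nb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(nb)]) + nb

def rs_to_der(r, s):
    """DER SEQUENCE{INTEGER r, INTEGER s}: the form most crypto libraries emit."""
    def der_int(x):  # +8 bits so a set high bit gets a leading 0x00 pad byte
        body = x.to_bytes((x.bit_length() + 8) // 8, "big")
        return b"\x02" + _der_len_enc(len(body)) + body
    body = der_int(r) + der_int(s)
    return b"\x30" + _der_len_enc(len(body)) + body

def der_to_xmldsig(der_sig, curve):
    """DER signature -> base64(I2OSP(r, l) || I2OSP(s, l)), the RFC 4050 SignatureValue."""
    l = ORDER_LEN[curve]
    if not der_sig or der_sig[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    seq_len, i = _der_len(der_sig, 1)
    if i + seq_len != len(der_sig):
        raise ValueError("SEQUENCE length does not match input")
    parts = []
    for _ in range(2):
        if i >= len(der_sig) or der_sig[i] != 0x02:
            raise ValueError("expected DER INTEGER")
        n, i = _der_len(der_sig, i + 1)
        parts.append(int.from_bytes(der_sig[i:i + n], "big"))
        i += n
    r, s = parts
    if i != len(der_sig) or not (0 < r < 1 << (8 * l) and 0 < s < 1 << (8 * l)):
        raise ValueError("trailing bytes, or r/s does not fit the curve's order length")
    return base64.b64encode(r.to_bytes(l, "big") + s.to_bytes(l, "big")).decode()

def xmldsig_to_rs(value, curve):
    """Inverse: base64 SignatureValue -> (r, s); rejects a length other than 2*l."""
    raw, l = base64.b64decode(value, validate=True), ORDER_LEN[curve]
    if len(raw) != 2 * l:
        raise ValueError("SignatureValue is not 2*l bytes for this curve")
    return int.from_bytes(raw[:l], "big"), int.from_bytes(raw[l:], "big")
```

A signature pasted in DER form will fail verification under this encoding, and a verifier should reject any SignatureValue whose decoded length is not exactly 2*l for the declared curve, which is the check xmldsig_to_rs performs before splitting the octets.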