< draft-blake-wilson-xmldsig-ecdsa-04.txt   draft-blake-wilson-xmldsig-ecdsa-05.txt >
INTERNET-DRAFT S. Blake-Wilson, BCI
G. Karlinger, CIO Austria INTERNET-DRAFT S. Blake-Wilson, BCI
Y. Wang, UNCC G. Karlinger, CIO Austria
T. Kobayashi, NTT T. Kobayashi, NTT
Expires: June 2003 December 2002 Y. Wang, UNCC
Expires: October 2003 April 2003
ECDSA with XML-Signature Syntax ECDSA with XML-Signature Syntax
<draft-blake-wilson-xmldsig-ecdsa-04.txt> <draft-blake-wilson-xmldsig-ecdsa-05.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
skipping to change at page 1, line 44 skipping to change at page 1, line 45
specified provides integrity, message authentication, and/or signer specified provides integrity, message authentication, and/or signer
authentication services for data of any type, whether located authentication services for data of any type, whether located
within the XML that includes the signature or included by reference. within the XML that includes the signature or included by reference.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 ECDSA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2 ECDSA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3 Specifying ECDSA within XMLDSIG . . . . . . . . . . . . . . . . 3 3 Specifying ECDSA within XMLDSIG . . . . . . . . . . . . . . . . 3
3.1 Version, Namespaces and Identifiers . . . . . . . . . . . . 3 3.1 Version, Namespaces and Identifiers . . . . . . . . . . . . 3
3.1.1 XML Schema Preamble . . . . . . . . . . . . . . . . 3
3.1.2 DTD Replacement . . . . . . . . . . . . . . . . . . 3
3.2 XML Schema Preamble and DTD Replacement . . . . . . . . . . 4 3.2 XML Schema Preamble and DTD Replacement . . . . . . . . . . 4
3.2.1 XML Schema Preamble . . . . . . . . . . . . . . . . . 4 3.2.1 XML Schema Preamble . . . . . . . . . . . . . . . . . 4
3.2.2 DTD Replacement . . . . . . . . . . . . . . . . . . . 4 3.2.2 DTD Replacement . . . . . . . . . . . . . . . . . . . 4
3.3 ECDSA Signatures . . . . . . . . . . . . . . . . . . . . . 4 3.3 ECDSA Signatures . . . . . . . . . . . . . . . . . . . . . 4
3.4 ECDSA Key Values . . . . . . . . . . . . . . . . . . . . . 4 3.4 ECDSA Key Values . . . . . . . . . . . . . . . . . . . . . 4
3.4.1 Key Value Root Element . . . . . . . . . . . . . . . 5 3.4.1 Key Value Root Element . . . . . . . . . . . . . . . 4
3.4.2 EC Domain Parameters . . . . . . . . . . . . . . . . 5 3.4.2 EC Domain Parameters . . . . . . . . . . . . . . . . 5
3.4.2.1 Field Parameters . . . . . . . . . . . . . 6 3.4.2.1 Field Parameters . . . . . . . . . . . . . 6
3.4.2.2 Curve Parameters . . . . . . . . . . . . . 8 3.4.2.2 Curve Parameters . . . . . . . . . . . . . 8
3.4.2.3 Base Point Parameters . . . . . . . . . . . 9 3.4.2.3 Base Point Parameters . . . . . . . . . . . 8
3.4.3 EC Points . . . . . . . . . . . . . . . . . . . . . 10 3.4.3 EC Points . . . . . . . . . . . . . . . . . . . . . 9
4 Security Considerations . . . . . . . . . . . . . . . . . . . . 11
5 Intellectual Property Rights . . . . . . . . . . . . . . . . . . 11 4 Security Considerations . . . . . . . . . . . . . . . . . . . . 10
5 Intellectual Property Rights . . . . . . . . . . . . . . . . . . 10
6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 6 References . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
7 Authors' addresses . . . . . . . . . . . . . . . . . . . . . . . 13 7 Authors' addresses . . . . . . . . . . . . . . . . . . . . . . . 12
8 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 13 8 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 12
9 Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 13 9 Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 12
Appendix A: Aggregate XML Schema . . . . . . . . . . . . . . . . . 14 Appendix A: Aggregate XML Schema . . . . . . . . . . . . . . . . . 13
Appendix B: Aggregate DTD . . . . . . . . . . . . . . . . . . . . . 17 Appendix B: Aggregate DTD . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
This document specifies how to use the Elliptic Curve Digital Signature This document specifies how to use the Elliptic Curve Digital Signature
Algorithm (ECDSA) with XML signatures as specified in [XMLDSIG]. Therein Algorithm (ECDSA) with XML signatures as specified in [XMLDSIG]. Therein
only two digital signature methods are defined: RSA signatures and DSA only two digital signature methods are defined: RSA signatures and DSA
(DSS) signatures. This document introduces ECDSA signatures as an (DSS) signatures. This document introduces ECDSA signatures as an
additional method. additional method.
This document uses both XML Schemas [XML-schema] (normative) and DTDs This document uses both XML Schemas [XML-schema] (normative) and DTDs
[XML] (informational) for specifying the corresponding XML structures. [XML] (informational) for specifying the corresponding XML structures.
2. ECDSA 2. ECDSA
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic
curve analogue of the DSA (DSS) signature method [FIPS186-2]. It is curve analogue of the DSA (DSS) signature method [FIPS186-2]. It is
defined in the ANSI X9.62 standard [X9.62]. Other compatible defined in the ANSI X9.62 standard [X9.62]. Other compatible
specifications include FIPS 186-2 [FIPS186-2], IEEE 1363 [IEEE1363], specifications include FIPS 186-2 [FIPS186-2], IEEE 1363 [IEEE1363],
and SEC1 [SEC1]. [RFC3279] describes the means to carry ECDSA keys in IEEE 1363a [IEEE1363a], and SEC1 [SEC1]. [RFC3279] describes the means
X.509 certificates. Recommended elliptic curve domain parameters for to carry ECDSA keys in X.509 certificates. Recommended elliptic curve
use with ECDSA are given in [FIPS186-2], [SEC2], and [X9.62]. domain parameters for use with ECDSA are given in [FIPS186-2], [SEC2],
and [X9.62].
Like DSA, ECDSA incorporates the use of a hash function. Currently,the Like DSA, ECDSA incorporates the use of a hash function. Currently,the
only hash function defined for use with ECDSA is the SHA-1 message only hash function defined for use with ECDSA is the SHA-1 message
digest algorithm [FIPS-180-1]. digest algorithm [FIPS-180-1].
ECDSA signatures are smaller than RSA signatures of similar ECDSA signatures are smaller than RSA signatures of similar
cryptographic strength. ECDSA public keys (and certificates) are smaller cryptographic strength. ECDSA public keys (and certificates) are smaller
than similar strength DSA keys, resulting in improved communications than similar strength DSA keys, resulting in improved communications
efficiency. Furthermore, on many platforms ECDSA operations can be efficiency. Furthermore, on many platforms ECDSA operations can be
computed faster than similar strength RSA or DSA operations (see [KEYS] computed faster than similar strength RSA or DSA operations (see [KEYS]
skipping to change at page 3, line 53 skipping to change at page 3, line 54
Signature Syntax and Processing [XMLDSIG]. It relies heavily on the Signature Syntax and Processing [XMLDSIG]. It relies heavily on the
syntax and namespace defined therein. syntax and namespace defined therein.
3.1 Version, Namespaces and Identifiers 3.1 Version, Namespaces and Identifiers
No provision is made for an explicit version number in this syntax. If No provision is made for an explicit version number in this syntax. If
a future version is needed, it will use a different namespace. a future version is needed, it will use a different namespace.
The XML namespace [XML-ns] URI that MUST be used by implementations of The XML namespace [XML-ns] URI that MUST be used by implementations of
this (dated) specification is: this (dated) specification is:
http://www.buergerkarte.at/namespaces/ecdsa/200206030# http://www.w3.org/2001/04/xmldsig-more#
Elements in the namespace of the [XMLDSIG] specification are marked as Elements in the namespace of the [XMLDSIG] specification are marked as
such by using the namespace prefix "dsig" in the remaining sections of such by using the namespace prefix "dsig" in the remaining sections of
this document. this document.
The identifier for the ECDSA signature algorithm is: The identifier for the ECDSA signature algorithm is:
http://www.buergerkarte.at/namespaces/ecdsa/200206030#ecdsa-sha1 http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
3.2 XML Schema Preamble and DTD Replacement 3.2 XML Schema Preamble and DTD Replacement
3.2.1 XML Schema Preamble 3.2.1 XML Schema Preamble
The subsequent preamble is to be used with the XML Schema definitions The subsequent preamble is to be used with the XML Schema definitions
given in the remaining sections of this document. given in the remaining sections of this document.
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<xs:schema <xs:schema
targetNamespace="http://www.buergerkarte.at/namespaces/ targetNamespace="http://www.w3.org/2001/04/xmldsig-more#"
ecdsa/200206030#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#"
xmlns:ecdsa="http://www.buergerkarte.at/namespaces/ecdsa/200206030#"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" attributeFormDefault="unqualified" elementFormDefault="qualified" attributeFormDefault="unqualified"
version="0.2"> version="0.2">
3.2.2 DTD Replacement 3.2.2 DTD Replacement
In order to include ECDSA in XML-signature syntax, the following In order to include ECDSA in XML-signature syntax, the following
definition of the entity Key.ANY SHOULD replace the one in [XMLDSIG]: definition of the entity Key.ANY SHOULD replace the one in [XMLDSIG]:
<!ENTITY % KeyValue.ANY '| ecdsa:ECDSAKeyValue'> <!ENTITY % KeyValue.ANY '| ecdsa:ECDSAKeyValue'>
3.3 ECDSA Signatures 3.3 ECDSA Signatures
The input to the ECDSA algorithm is the canonicalized represenation of The input to the ECDSA algorithm is the canonicalized representation of
the dsig:SignedInfo element as specified in Section 3 of [XMLDSIG]. the dsig:SignedInfo element as specified in Section 3 of [XMLDSIG].
The output of the ECDSA algorithm consists of a pair of integers usually The output of the ECDSA algorithm consists of a pair of integers usually
referred by the pair (r, s). The signature value (text value of element referred by the pair (r, s). The signature value (text value of element
dsig:SignatureValue - see section 4.2 of [XMLDSIG]) consists of the dsig:SignatureValue - see section 4.2 of [XMLDSIG]) consists of the
base64 encoding of the concatenation of two octet-streams that base64 encoding of the concatenation of two octet-streams that
respectively result from the octet-encoding of the values r and s. This respectively result from the octet-encoding of the values r and s. This
concatenation is described in section E3.1 of [IEEE1363]. concatenation is described in section E3.1 of [IEEE1363].
3.4 ECDSA Key Values 3.4 ECDSA Key Values
skipping to change at page 5, line 42 skipping to change at page 5, line 31
<!ELEMENT X EMPTY> <!ELEMENT X EMPTY>
<!ATTLIST X Value CDATA #REQUIRED> <!ATTLIST X Value CDATA #REQUIRED>
<!ELEMENT Y EMPTY> <!ELEMENT Y EMPTY>
<!ATTLIST Y Value CDATA #REQUIRED> <!ATTLIST Y Value CDATA #REQUIRED>
3.4.2 EC Domain Parameters 3.4.2 EC Domain Parameters
Domain parameters can be encoded either explicitly using element Domain parameters can be encoded either explicitly using element
ExplicitParams, or by reference using element NamedCurve. The latter ExplicitParams, or by reference using element NamedCurve. The latter
simply consists of an attribute named URN, which bears a uniform simply consists of an attribute named URN, which bears a uniform
ressource name as its value. For the named curves of standards like resource name as its value. For the named curves of standards like
[X9.62], [FIPS-186-2] or [SEC2], the OIDs of these curves SHOULD be used [X9.62], [FIPS-186-2] or [SEC2], the OIDs of these curves SHOULD be used
in this attribute, e. g. URN="urn:oid:1.2.840.10045.3.1.1". The in this attribute, e. g. URN="urn:oid:1.2.840.10045.3.1.1". The
mechanism for encoding OIDs in URNs is shown in [RFC3061]. mechanism for encoding OIDs in URNs is shown in [RFC3061].
Schema Definition: Schema Definition:
<xs:complexType name="DomainParamsType"> <xs:complexType name="DomainParamsType">
<xs:choice> <xs:choice>
<xs:element name="ExplicitParams" <xs:element name="ExplicitParams"
type="ecdsa:ExplicitParamsType"/> type="ecdsa:ExplicitParamsType"/>
skipping to change at page 7, line 29 skipping to change at page 6, line 54
It adds the single element K, which represents the integer k, where It adds the single element K, which represents the integer k, where
x^m + x^k + 1 is the reduction polynomial. x^m + x^k + 1 is the reduction polynomial.
The XML Schema type PnBFieldParamsType is derived from The XML Schema type PnBFieldParamsType is derived from
CharTwoFieldParamsType as well and is used for encoding pentanomial base CharTwoFieldParamsType as well and is used for encoding pentanomial base
fields. It adds the three elements K1, K2 and K3, which represent the fields. It adds the three elements K1, K2 and K3, which represent the
integers k1, k2 and k3 respectively, where x^m + x^k3 + x^k2 + x^k1 + 1 integers k1, k2 and k3 respectively, where x^m + x^k3 + x^k2 + x^k1 + 1
is the reduction polynomial. is the reduction polynomial.
The XML Schema type OddCharExtensionFieldParamsType is derived from The XML Schema type OddCharExtensionFieldParamsType is derived from
FieldParamsType as well and is used for encoding parameters of a FieldParamsType as well and is used for encoding parameters of an
odd characteristic extension field. odd characteristic extension field. The type contains two elements M,
The type contains two elements M, the extension degree of the field, which represents the extension degree of the field m, and W, which
and W, which represent the integers w, represents the integer w, where x^m - w is the reduction polynomial.
where x^m - w is the reduction polynomial.
Schema Definition: Schema Definition:
<xs:complexType name="FieldParamsType" abstract="true"/> <xs:complexType name="FieldParamsType" abstract="true"/>
<xs:complexType name="PrimeFieldParamsType"> <xs:complexType name="PrimeFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="P" type="xs:positiveInteger"/> <xs:element name="P" type="xs:positiveInteger"/>
skipping to change at page 7, line 59 skipping to change at page 7, line 29
<xs:complexType name="CharTwoFieldParamsType" abstract="true"> <xs:complexType name="CharTwoFieldParamsType" abstract="true">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="M" type="xs:positiveInteger"/> <xs:element name="M" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="OddCharExtensionFieldParamsType" abstract="true"> <xs:complexType name="OddCharExtensionFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="M" type="xs:positiveInteger"/> <xs:element name="M" type="xs:positiveInteger"/>
<xs:element name="W" type="xs:positiveInteger"/> <xs:element name="W" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="TnBFieldParamsType"> <xs:complexType name="TnBFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:CharTwoFieldParamsType"> <xs:extension base="ecdsa:CharTwoFieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="K" type="xs:positiveInteger"/> <xs:element name="K" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
skipping to change at page 8, line 21 skipping to change at page 8, line 4
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="PnBFieldParamsType"> <xs:complexType name="PnBFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:CharTwoFieldParamsType"> <xs:extension base="ecdsa:CharTwoFieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="K1" type="xs:positiveInteger"/> <xs:element name="K1" type="xs:positiveInteger"/>
<xs:element name="K2" type="xs:positiveInteger"/> <xs:element name="K2" type="xs:positiveInteger"/>
<xs:element name="K3" type="xs:positiveInteger"/> <xs:element name="K3" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
DTD Definition: DTD Definition:
<!ELEMENT FieldParams (P | (M, K) | (M, K1, K2, K3))> <!ELEMENT FieldParams (P | (M, K) | (M, K1, K2, K3) | (M, W))>
<!ELEMENT P (#PCDATA)> <!ELEMENT P (#PCDATA)>
<!ELEMENT M (#PCDATA)> <!ELEMENT M (#PCDATA)>
<!ELEMENT K (#PCDATA)> <!ELEMENT K (#PCDATA)>
<!ELEMENT K1 (#PCDATA)> <!ELEMENT K1 (#PCDATA)>
<!ELEMENT K2 (#PCDATA)> <!ELEMENT K2 (#PCDATA)>
<!ELEMENT K3 (#PCDATA)> <!ELEMENT K3 (#PCDATA)>
<!ELEMENT W (#PCDATA)>
3.4.2.2 Curve Parameters 3.4.2.2 Curve Parameters
The element CurveParams is used for encoding parameters of the elliptic The element CurveParams is used for encoding parameters of the elliptic
curve. The corresponding XML Schema type CurveParamsType bears the curve. The corresponding XML Schema type CurveParamsType bears the
elements A and B representing the coefficients a and b of the elliptic elements A and B representing the coefficients a and b of the elliptic
curve, while the optional element Seed contains the value used to derive curve, while the optional element Seed contains the value used to derive
the coefficients of a randomly generated elliptic curve, according to the coefficients of a randomly generated elliptic curve, according to
the algorithm specified in annex A3.3 of [X9.62]. the algorithm specified in annex A3.3 of [X9.62].
skipping to change at page 10, line 15 skipping to change at page 9, line 29
3.4.3 EC Points 3.4.3 EC Points
The XML Schema type ECPointType is used for encoding a point on the The XML Schema type ECPointType is used for encoding a point on the
elliptic curve. It consists of the subelements X and Y, providing the elliptic curve. It consists of the subelements X and Y, providing the
x and y coordinates of the point. Point compression representation is x and y coordinates of the point. Point compression representation is
not supported by this specification for the sake of simple design. not supported by this specification for the sake of simple design.
The point at infinity is encoded by omitting both elements X and Y. The point at infinity is encoded by omitting both elements X and Y.
The subelements X and Y are of type FieldElemType. This is an abstract The subelements X and Y are of type FieldElemType. This is an abstract
type for encoding elements of the elliptic curveËs underlying field and type for encoding elements of the elliptic curves underlying field and
is extended by specialized types for prime field elements and is extended by specialized types for prime field elements and
characteristic two field elements. characteristic two field elements.
The XML Schema type PrimeFieldElemType is used for encoding prime field The XML Schema type PrimeFieldElemType is used for encoding prime field
elements. It contains a single attribute named Value, whose value elements. It contains a single attribute named Value, whose value
represents the field element as an integer. represents the field element as an integer.
The XML Schema type CharTwoFieldElemType is used for encoding The XML Schema type CharTwoFieldElemType is used for encoding
characteristic two field elements. It Contains a single attribute named characteristic two field elements. It contains a single attribute named
Value, whose value represents the field element as an octet string. The Value, whose value represents the field element as an octet string. The
octet string must be composed as shown in paragraph 2 of section 4.3.3 octet string must be composed as shown in paragraph 2 of section 4.3.3
of [X9.62]. of [X9.62].
The XML Schema type OddCharExtensionFieldElemType is used for encoding
odd characteristic extension field elements. It contains a single
attribute named Value, whose value represents the field element as an
integer. The integer must be composed as shown in section
5.3.3 of [IEEE1363a].
Schema Definition: Schema Definition:
<xs:complexType name="ECPointType"> <xs:complexType name="ECPointType">
<xs:sequence minOccurs="0"> <xs:sequence minOccurs="0">
<xs:element name="X" type="ecdsa:FieldElemType"/> <xs:element name="X" type="ecdsa:FieldElemType"/>
<xs:element name="Y" type="ecdsa:FieldElemType"/> <xs:element name="Y" type="ecdsa:FieldElemType"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<xs:complexType name="FieldElemType" abstract="true"/> <xs:complexType name="FieldElemType" abstract="true"/>
<xs:complexType name="PrimeFieldElemType"> <xs:complexType name="PrimeFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:nonNegativeInteger" <xs:attribute name="Value" type="xs:nonNegativeInteger"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="OddCharExtensionFieldElemType"> <xs:complexType name="CharTwoFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:nonNegativeInteger" <xs:attribute name="Value" type="xs:hexBinary"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="CharTwoFieldElemType">
<xs:complexType name="OddCharExtensionFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:hexBinary" <xs:attribute name="Value" type="xs:nonNegativeInteger"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
4. Security Considerations 4. Security Considerations
Implementers should ensure that appropriate security measures are in Implementers should ensure that appropriate security measures are in
place when they deploy ECDSA within XMLDSIG. In particular, the security place when they deploy ECDSA within XMLDSIG. In particular, the security
of ECDSA requires the careful selection of both key sizes and elliptic of ECDSA requires the careful selection of both key sizes and elliptic
skipping to change at page 12, line 6 skipping to change at page 11, line 17
obtain a general license or permission for the use of such obtain a general license or permission for the use of such
proprietary rights by implementers or users of this specification can proprietary rights by implementers or users of this specification can
be obtained from the IETF Secretariat. be obtained from the IETF Secretariat.
6. References 6. References
[FIPS-180-1] Federal Information Processing Standards Publication [FIPS-180-1] Federal Information Processing Standards Publication
(FIPS PUB) 180-1, Secure Hash Standard, April 1995. (FIPS PUB) 180-1, Secure Hash Standard, April 1995.
[FIPS-186-2] Federal Information Processing Standards Publication [FIPS-186-2] Federal Information Processing Standards Publication
(FIPS PUB) 186-2, Digital Signature Standard. January (FIPS PUB) 186-2, Digital Signature Standard, January
2000. 2000.
[IEEE1363] Institute for Electrical and Electronics Engineers (IEEE) [IEEE1363] Institute for Electrical and Electronics Engineers (IEEE)
Standard 1363-2000, Standard Specifications for Public Key Standard 1363-2000, Standard Specifications for Public Key
Cryptography. January 2000. Cryptography, January 2000.
[IEEE1363a] Institute for Electrical and Electronics Engineers (IEEE)
Standard 1363, Draft Standard Specifications for Public
Key Cryptography -- Amendment 1: Additional Techniques,
October 2002.
[KEYS] Lenstra, A.K. and Verheul, E.R., Selecting Cryptographic Key [KEYS] Lenstra, A.K. and Verheul, E.R., Selecting Cryptographic Key
Sizes. October 1999. Presented at Public Key Cryptography Sizes. October 1999. Presented at Public Key Cryptography
Conference, Melbourne, Australia, January 2000. Conference, Melbourne, Australia, January 2000.
http://www.cryptosavvy.com/ http://www.cryptosavvy.com/
[RFC3061] Mealling, M., RFC 3061, A URN Namespace of Object [RFC3061] Mealling, M., RFC 3061, A URN Namespace of Object
Identifiers. IETF Informational RFC, February 2001. Identifiers. IETF Informational RFC, February 2001.
http://www.ietf.org/rfc/rfc3061.txt http://www.ietf.org/rfc/rfc3061.txt
skipping to change at page 13, line 5 skipping to change at page 12, line 15
http://www.w3.org/TR/2000/REC-xml-20001006 http://www.w3.org/TR/2000/REC-xml-20001006
[XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., XML-Signature [XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., XML-Signature
Syntax and Processing. W3C Recommendation, February 2002. Syntax and Processing. W3C Recommendation, February 2002.
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/ http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
[XML-ns] Bray, T., Hollander, D., and Layman, A., Namespaces in XML, [XML-ns] Bray, T., Hollander, D., and Layman, A., Namespaces in XML,
W3C Recommendation, January 1999. W3C Recommendation, January 1999.
http://www.w3.org/TR/1999/REC-xml-names-19990114/ http://www.w3.org/TR/1999/REC-xml-names-19990114/
[XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson, [XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson,
H., XML Schema Part 1: Structures, W3C Recommendation, H., XML Schema Part 1: Structures, W3C Recommendation,
May 2001. May 2001.
http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/ http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/
Biron, P., and Malhotra, A., ML Schema Part 2: Biron, P., and Malhotra, A., ML Schema Part 2:
Datatypes, W3C Recommendation, May 2001. Datatypes, W3C Recommendation, May 2001.
http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/
7. Authors' Addresses 7. Authors' Addresses
Simon Blake-Wilson Simon Blake-Wilson
BCI BCI
96 Spadina Ave, Unit 606 96 Spadina Ave, Unit 606
Toronto, ON, M5V 2J6, Canada Toronto, ON, M5V 2J6, Canada
e-mail: sblakewilson@bcisse.com e-mail: sblakewilson@bcisse.com
Gregor Karlinger Gregor Karlinger
Chief Information Office Austria Chief Information Office Austria
Parkring 10/I/5 Parkring 10/I/5
1010 Wien, Austria 1010 Wien, Austria
e-mail: gregor.karlinger@cio.gv.at e-mail: gregor.karlinger@cio.gv.at
Tetsutaro Kobayashi Tetsutaro Kobayashi
NTT Laboratories NTT Laboratories
1-1 Hikarinooka, Yokosuka, 239-0847, Japan 1-1 Hikarinooka, Yokosuka, 239-0847, Japan
Phone: +81-468-59-3712 e-mail: kotetsu@isl.ntt.co.jp
FAX: +81-468-59-3365
email: kotetsu@isl.ntt.co.jp
Yongge Wang Yongge Wang
University of North Carolina at Charlotte University of North Carolina at Charlotte
9201 University City Blvd 9201 University City Blvd
Charlotte, NC 28223, USA Charlotte, NC 28223, USA
e-mail: yonwang@uncc.edu e-mail: yonwang@uncc.edu
8. Acknowledgements 8. Acknowledgements
The authors would like to acknowledge the many helpful comments of The authors would like to acknowledge the many helpful comments of
Wolfgang Bauer, Donald Eastlake, Tom Gindin, Chris Hawk, Joseph M. Wolfgang Bauer, Donald Eastlake, Tom Gindin, Chris Hawk, Akihiro Kato,
Reagle Jr., and Francois Rousseau. Shiho Moriai, Joseph M. Reagle Jr., and Francois Rousseau.
9. Full Copyright Statement 9. Full Copyright Statement
Copyright (C) The Internet Society (1999). All Rights Reserved. Copyright (C) The Internet Society (1999). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain others, and derivative works that comment on or otherwise explain
it or assist in its implementation may be prepared, copied, it or assist in its implementation may be prepared, copied,
published and distributed, in whole or in part, without restriction published and distributed, in whole or in part, without restriction
of any kind, provided that the above copyright notice and this of any kind, provided that the above copyright notice and this
skipping to change at page 15, line 28 skipping to change at page 14, line 21
<xs:complexType name="PrimeFieldParamsType"> <xs:complexType name="PrimeFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="P" type="xs:positiveInteger"/> <xs:element name="P" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="OddCharExtensionFieldParamsType"> <xs:complexType name="CharTwoFieldParamsType" abstract="true">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="M" type="xs:positiveInteger"/> <xs:element name="M" type="xs:positiveInteger"/>
<xs:element name="W" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="CharTwoFieldParamsType" abstract="true"> <xs:complexType name="OddCharExtensionFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldParamsType"> <xs:extension base="ecdsa:FieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="M" type="xs:positiveInteger"/> <xs:element name="M" type="xs:positiveInteger"/>
<xs:element name="W" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="TnBFieldParamsType"> <xs:complexType name="TnBFieldParamsType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:CharTwoFieldParamsType"> <xs:extension base="ecdsa:CharTwoFieldParamsType">
<xs:sequence> <xs:sequence>
<xs:element name="K" type="xs:positiveInteger"/> <xs:element name="K" type="xs:positiveInteger"/>
</xs:sequence> </xs:sequence>
skipping to change at page 17, line 4 skipping to change at page 15, line 39
</xs:complexType> </xs:complexType>
<!--EC point--> <!--EC point-->
<xs:complexType name="ECPointType"> <xs:complexType name="ECPointType">
<xs:sequence minOccurs="0"> <xs:sequence minOccurs="0">
<xs:element name="X" type="ecdsa:FieldElemType"/> <xs:element name="X" type="ecdsa:FieldElemType"/>
<xs:element name="Y" type="ecdsa:FieldElemType"/> <xs:element name="Y" type="ecdsa:FieldElemType"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<!--Field element--> <!--Field element-->
<xs:complexType name="FieldElemType" abstract="true"/> <xs:complexType name="FieldElemType" abstract="true"/>
<xs:complexType name="PrimeFieldElemType"> <xs:complexType name="PrimeFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:nonNegativeInteger" <xs:attribute name="Value" type="xs:nonNegativeInteger"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="OddCharExtensionFieldElemType"> <xs:complexType name="CharTwoFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:nonNegativeInteger" <xs:attribute name="Value" type="xs:hexBinary"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
<xs:complexType name="CharTwoFieldElemType"> <xs:complexType name="OddCharExtensionFieldElemType">
<xs:complexContent> <xs:complexContent>
<xs:extension base="ecdsa:FieldElemType"> <xs:extension base="ecdsa:FieldElemType">
<xs:attribute name="Value" type="xs:hexBinary" <xs:attribute name="Value" type="xs:nonNegativeInteger"
use="required"/> use="required"/>
</xs:extension> </xs:extension>
</xs:complexContent> </xs:complexContent>
</xs:complexType> </xs:complexType>
</xs:schema> </xs:schema>
Appendix A: Aggregate DTD Appendix B: Aggregate DTD
<!ELEMENT ECDSAKeyValue (DomainParameters?, PublicKey)> <!ELEMENT ECDSAKeyValue (DomainParameters?, PublicKey)>
<!ELEMENT PublicKey (X, Y)?> <!ELEMENT PublicKey (X, Y)?>
<!ELEMENT X EMPTY> <!ELEMENT X EMPTY>
<!ATTLIST X Value CDATA #REQUIRED> <!ATTLIST X Value CDATA #REQUIRED>
<!ELEMENT Y EMPTY> <!ELEMENT Y EMPTY>
<!ATTLIST Y Value CDATA #REQUIRED> <!ATTLIST Y Value CDATA #REQUIRED>
<!ELEMENT DomainParameters (ExplicitParams | NamedCurve)> <!ELEMENT DomainParameters (ExplicitParams | NamedCurve)>
<!ELEMENT NamedCurve EMPTY> <!ELEMENT NamedCurve EMPTY>
<!ATTLIST NamedCurve URN CDATA #REQUIRED> <!ATTLIST NamedCurve URN CDATA #REQUIRED>
<!ELEMENT ExplicitParams (FieldParams, CurveParams, BasePointParams)> <!ELEMENT ExplicitParams (FieldParams, CurveParams, BasePointParams)>
<!ELEMENT FieldParams (P | (M, K) | (M, K1, K2, K3))> <!ELEMENT FieldParams (P | (M, K) | (M, K1, K2, K3) | (M, W))>
<!ELEMENT P (#PCDATA)> <!ELEMENT P (#PCDATA)>
<!ELEMENT M (#PCDATA)> <!ELEMENT M (#PCDATA)>
<!ELEMENT W (#PCDATA)> <!ELEMENT W (#PCDATA)>
<!ELEMENT K (#PCDATA)> <!ELEMENT K (#PCDATA)>
<!ELEMENT K1 (#PCDATA)> <!ELEMENT K1 (#PCDATA)>
<!ELEMENT K2 (#PCDATA)> <!ELEMENT K2 (#PCDATA)>
<!ELEMENT K3 (#PCDATA)> <!ELEMENT K3 (#PCDATA)>
<!ELEMENT CurveParams (A, B, Seed?)> <!ELEMENT CurveParams (A, B, Seed?)>
<!ELEMENT A EMPTY> <!ELEMENT A EMPTY>
<!ATTLIST A Value CDATA #REQUIRED> <!ATTLIST A Value CDATA #REQUIRED>
 End of changes. 43 change blocks. 
65 lines changed or deleted 77 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/