| < draft-blake-wilson-xmldsig-ecdsa-08.txt | draft-blake-wilson-xmldsig-ecdsa-09.txt > | |||
|---|---|---|---|---|
| INTERNET-DRAFT S. Blake-Wilson, BCI | INTERNET-DRAFT S. Blake-Wilson, BCI | |||
| G. Karlinger, CIO Austria | G. Karlinger, CIO Austria | |||
| T. Kobayashi, NTT | T. Kobayashi, NTT | |||
| Y. Wang, UNCC | Y. Wang, UNCC | |||
| Expires: July 2004 January 2004 | Expires: Sept 2004 March 2004 | |||
| Using the Elliptic Curve Signature Algorithm (ECDSA) | Using the Elliptic Curve Signature Algorithm (ECDSA) | |||
| for XML Digital Signatures | for XML Digital Signatures | |||
| <draft-blake-wilson-xmldsig-ecdsa-08.txt> | <draft-blake-wilson-xmldsig-ecdsa-09.txt> | |||
| Status of this Memo | Status of this Memo | |||
| This document is an Internet-Draft and is in full conformance with all | This document is an Internet-Draft and is in full conformance with all | |||
| provisions of Section 10 of RFC2026. Internet-Drafts are working | provisions of Section 10 of RFC2026. Internet-Drafts are working | |||
| documents of the Internet Engineering Task Force (IETF), its areas, | documents of the Internet Engineering Task Force (IETF), its areas, | |||
| and its working groups. Note that other groups may also distribute | and its working groups. Note that other groups may also distribute | |||
| working documents as Internet-Drafts. | working documents as Internet-Drafts. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| skipping to change at page 4, line 6 ¶ | skipping to change at page 4, line 6 ¶ | |||
| namespace. | namespace. | |||
| The XML namespace [XML-ns] URI that MUST be used by implementations of | The XML namespace [XML-ns] URI that MUST be used by implementations of | |||
| this (dated) specification is: | this (dated) specification is: | |||
| http://www.w3.org/2001/04/xmldsig-more# | http://www.w3.org/2001/04/xmldsig-more# | |||
| Elements in the namespace of the [XMLDSIG] specification are marked as | Elements in the namespace of the [XMLDSIG] specification are marked as | |||
| such by using the namespace prefix "dsig" in the remaining sections of | such by using the namespace prefix "dsig" in the remaining sections of | |||
| this document. | this document. | |||
| The identifier for the ECDSA signature algorithm is: | The identifier for the ECDSA signature algorithm as defined in | |||
| [Eastlake] is: | ||||
| http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 | http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 | |||
| 3.2 XML Schema Preamble and DTD Replacement | 3.2 XML Schema Preamble and DTD Replacement | |||
| 3.2.1 XML Schema Preamble | 3.2.1 XML Schema Preamble | |||
| The subsequent preamble is to be used with the XML Schema definitions | The subsequent preamble is to be used with the XML Schema definitions | |||
| given in the remaining sections of this document. | given in the remaining sections of this document. | |||
| <?xml version="1.0" encoding="UTF-8"?> | <?xml version="1.0" encoding="UTF-8"?> | |||
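Review bot: The reworded sentence "The identifier for the ECDSA signature algorithm as defined in [Eastlake] is:" makes the definition of the URI depend on another document while still repeating the URI here, so the text should say which of the two is authoritative if they ever differ, or state that the value is reproduced from [Eastlake] for convenience. The identifier also fixes the digest to SHA-1 (#ecdsa-sha1); if that is the only combination this specification covers, saying so next to the identifier would keep implementers from assuming other digests can be used under the same URI.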
| skipping to change at page 10, line 45 ¶ | skipping to change at page 10, line 45 ¶ | |||
| Implementers should ensure that appropriate security measures are in | Implementers should ensure that appropriate security measures are in | |||
| place when they deploy ECDSA within XMLDSIG. In particular, the security | place when they deploy ECDSA within XMLDSIG. In particular, the security | |||
| of ECDSA requires the careful selection of both key sizes and elliptic | of ECDSA requires the careful selection of both key sizes and elliptic | |||
| curve domain parameters. Selection guidelines for these parameters and | curve domain parameters. Selection guidelines for these parameters and | |||
| some specific recommended curves that are considered safe are provided | some specific recommended curves that are considered safe are provided | |||
| in [X9.62], [NIST-ECC], and [SEC2]. For further security discussion, | in [X9.62], [NIST-ECC], and [SEC2]. For further security discussion, | |||
| see [XMLDSIG]. | see [XMLDSIG]. | |||
| 5. Normative References | 5. Normative References | |||
| [Eastlake] Eastlake, D. Additional XML Security URIs. IETF | ||||
| Internet-Draft. March 2004. | ||||
| http://www.ietf.org/internet-drafts/ | ||||
| draft-eastlake-xmldsig-uri-06.txt. | ||||
| [X9.62] American National Standards Institute. ANSI X9.62-1998, | [X9.62] American National Standards Institute. ANSI X9.62-1998, | |||
| Public Key Cryptography for the Financial Services Industry: | Public Key Cryptography for the Financial Services Industry: | |||
| The Elliptic Curve Digital Signature Algorithm. January 1999. | The Elliptic Curve Digital Signature Algorithm. January 1999. | |||
| [XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., XML-Signature | [XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., RFC 3275, | |||
| Syntax and Processing. W3C Recommendation, February 2002. | XML-Signature Syntax and Processing. IETF RFC, March 2002. | |||
| http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/ | http://www.ietf.org/rfc/rfc3275.txt. | |||
| (Also W3C Recommendation, February 2002. | ||||
| http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/.) | ||||
| [XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson, | [XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson, | |||
| H., XML Schema Part 1: Structures, W3C Recommendation, | H., XML Schema Part 1: Structures, W3C Recommendation, | |||
| May 2001. | May 2001. | |||
| http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/ | http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/ | |||
| Biron, P., and Malhotra, A., ML Schema Part 2: | Biron, P., and Malhotra, A., ML Schema Part 2: | |||
| Datatypes, W3C Recommendation, May 2001. | Datatypes, W3C Recommendation, May 2001. | |||
| http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ | http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ | |||
| 6. Informative References | 6. Informative References | |||
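Review bot: The new [Eastlake] entry under "5. Normative References" cites a versioned Internet-Draft file (draft-eastlake-xmldsig-uri-06.txt), while the Status section of this same document says Internet-Drafts are valid for a maximum of six months, so the algorithm identifier now rests normatively on a document that can expire or be replaced. Mark the entry as work in progress and update the citation once it has a stable publication. In the same section, "ML Schema Part 2: Datatypes" is unchanged in both versions and looks like a dropped "X" in "XML Schema Part 2"; this revision is a good place to fix it.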
| End of changes. 6 change blocks. | ||||
| 6 lines changed or deleted | 15 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||