< draft-blake-wilson-xmldsig-ecdsa-08.txt   draft-blake-wilson-xmldsig-ecdsa-09.txt >
INTERNET-DRAFT S. Blake-Wilson, BCI INTERNET-DRAFT S. Blake-Wilson, BCI
G. Karlinger, CIO Austria G. Karlinger, CIO Austria
T. Kobayashi, NTT T. Kobayashi, NTT
Y. Wang, UNCC Y. Wang, UNCC
Expires: July 2004 January 2004 Expires: Sept 2004 March 2004
Using the Elliptic Curve Signature Algorithm (ECDSA) Using the Elliptic Curve Signature Algorithm (ECDSA)
for XML Digital Signatures for XML Digital Signatures
<draft-blake-wilson-xmldsig-ecdsa-08.txt> <draft-blake-wilson-xmldsig-ecdsa-09.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
skipping to change at page 4, line 6 skipping to change at page 4, line 6
namespace. namespace.
The XML namespace [XML-ns] URI that MUST be used by implementations of The XML namespace [XML-ns] URI that MUST be used by implementations of
this (dated) specification is: this (dated) specification is:
http://www.w3.org/2001/04/xmldsig-more# http://www.w3.org/2001/04/xmldsig-more#
Elements in the namespace of the [XMLDSIG] specification are marked as Elements in the namespace of the [XMLDSIG] specification are marked as
such by using the namespace prefix "dsig" in the remaining sections of such by using the namespace prefix "dsig" in the remaining sections of
this document. this document.
The identifier for the ECDSA signature algorithm is: The identifier for the ECDSA signature algorithm as defined in
[Eastlake] is:
http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
3.2 XML Schema Preamble and DTD Replacement 3.2 XML Schema Preamble and DTD Replacement
3.2.1 XML Schema Preamble 3.2.1 XML Schema Preamble
The subsequent preamble is to be used with the XML Schema definitions The subsequent preamble is to be used with the XML Schema definitions
given in the remaining sections of this document. given in the remaining sections of this document.
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
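Review bot: the rewritten identifier sentence in the -09 column now defers to [Eastlake] for the definition of the ecdsa-sha1 URI, but it does not say which document governs if the two ever differ. Since [Eastlake] is cited as a dated Internet-Draft, consider stating that the URI string printed here is the normative value and that [Eastlake] is where it is also listed, so implementations matching the algorithm identifier have a single authoritative string.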
skipping to change at page 10, line 45 skipping to change at page 10, line 45
Implementers should ensure that appropriate security measures are in Implementers should ensure that appropriate security measures are in
place when they deploy ECDSA within XMLDSIG. In particular, the security place when they deploy ECDSA within XMLDSIG. In particular, the security
of ECDSA requires the careful selection of both key sizes and elliptic of ECDSA requires the careful selection of both key sizes and elliptic
curve domain parameters. Selection guidelines for these parameters and curve domain parameters. Selection guidelines for these parameters and
some specific recommended curves that are considered safe are provided some specific recommended curves that are considered safe are provided
in [X9.62], [NIST-ECC], and [SEC2]. For further security discussion, in [X9.62], [NIST-ECC], and [SEC2]. For further security discussion,
see [XMLDSIG]. see [XMLDSIG].
5. Normative References 5. Normative References
[Eastlake] Eastlake, D. Additional XML Security URIs. IETF
Internet-Draft. March 2004.
http://www.ietf.org/internet-drafts/
draft-eastlake-xmldsig-uri-06.txt.
[X9.62] American National Standards Institute. ANSI X9.62-1998, [X9.62] American National Standards Institute. ANSI X9.62-1998,
Public Key Cryptography for the Financial Services Industry: Public Key Cryptography for the Financial Services Industry:
The Elliptic Curve Digital Signature Algorithm. January 1999. The Elliptic Curve Digital Signature Algorithm. January 1999.
[XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., XML-Signature [XMLDSIG] Eastlake, D., Reagle, J., and Solo, D., RFC 3275,
Syntax and Processing. W3C Recommendation, February 2002. XML-Signature Syntax and Processing. IETF RFC, March 2002.
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/ http://www.ietf.org/rfc/rfc3275.txt.
(Also W3C Recommendation, February 2002.
http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/.)
[XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson, [XML-schema] Beech, D., Maloney, M., Mendelsohn, N., and Thompson,
H., XML Schema Part 1: Structures, W3C Recommendation, H., XML Schema Part 1: Structures, W3C Recommendation,
May 2001. May 2001.
http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/ http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/
Biron, P., and Malhotra, A., ML Schema Part 2: Biron, P., and Malhotra, A., ML Schema Part 2:
Datatypes, W3C Recommendation, May 2001. Datatypes, W3C Recommendation, May 2001.
http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/
6. Informative References 6. Informative References
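Review bot: the new [Eastlake] entry under "5. Normative References" points at a versioned Internet-Draft file (draft-eastlake-xmldsig-uri-06.txt), and the Status of this Memo section says Internet-Drafts are valid for a maximum of six months, so this normative link will go stale. Suggest citing it as work in progress without the versioned file URL, or holding the reference until it has an RFC number, as was done for [XMLDSIG] with RFC 3275 in this same hunk. Separately, the unchanged Biron and Malhotra entry still reads "ML Schema Part 2" in both columns; it should read "XML Schema Part 2".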
 End of changes. 6 change blocks. 
6 lines changed or deleted 15 lines changed or added
