idnits 2.17.1 

draft-ietf-trade-iotp-v1.0-dsig-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date.  The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents. 

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts. 

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories. 

  ** Bad filename characters: the document name given in the document,
     'draft-ietf-trade-iotp-v1.0-dsig-00.txt,', contains other characters than
     digits, lowercase letters and dash.

  ** Missing revision: the document name given in the document,
     'draft-ietf-trade-iotp-v1.0-dsig-00.txt,', does not give the document
     revision number

  ~~ Missing draftname component: the document name given in the document,
     'draft-ietf-trade-iotp-v1.0-dsig-00.txt,', does not seem to contain all
     the document name components required ('draft' prefix, document source,
     document name, and revision) -- see
     https://www.ietf.org/id-info/guidelines#naming for more information.

  == Mismatching filename: the document gives the document name as
     'draft-ietf-trade-iotp-v1.0-dsig-00.txt,', but the file name used is
     'draft-ietf-trade-iotp-v1.0-dsig-00'

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a Security Considerations section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack an Authors' Addresses Section.

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords. 

     RFC 2119 keyword, line 475: '...ate reference ID MUST point to a certi...'
     RFC 2119 keyword, line 495: '...thm reference ID MUST point to a signa...'
     RFC 2119 keyword, line 499: '...lue reference ID MUST point to a value...'


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == Couldn't figure out when the document was first submitted -- there may
     comments or warnings related to the use of a disclaimer for pre-RFC5378
     work that could not be issued because of this.  Please check the Legal
     Provisions document at https://trustee.ietf.org/license-info to determine
     if you need the pre-RFC5378 disclaimer.

  -- The document date (February 1999) is 9203 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFC 2045' is mentioned on line 605, but not defined

  == Unused Reference: 'RFC 2046' is defined on line 917, but no explicit
     reference was found in the text

  ** Downref: Normative reference to an Informational RFC: RFC 1321

  ** Downref: Normative reference to an Informational RFC: RFC 2104

  ** Obsolete normative reference: RFC 2141 (Obsoleted by RFC 8141)

  ** Obsolete normative reference: RFC 2396 (Obsoleted by RFC 3986)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'Schneier'

  -- Possible downref: Non-RFC (?) normative reference: ref. 'XLink'

  -- Possible downref: Non-RFC (?) normative reference: ref. 'XML'


     Summary: 17 errors (**), 1 flaw (~~), 5 warnings (==), 4 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1	TRADE Working Group                                        Kent Davidson
2	INTERNET-DRAFT                                              Differential
3	Expires: August 1999                                       February 1999

5	       Digital Signatures for the Internet Open Trading Protocol
6	       ------- ---------- --- --- -------- ---- ------- --------

8	Status of This Document

10	   This draft, file name draft-ietf-trade-iotp-v1.0-dsig-00.txt, is an
11	   addendum to the Internet Open Trading Protocol Specification version
12	   1.0, and is intended to become an Informational RFC. Distribution of
13	   this document is unlimited. Comments should be sent to the TRADE
14	   working group mailing list <ietf-trade@elistx.com>.

16	   This document is an Internet-Draft and is in full conformance with
17	   all provisions of Section 10 of RFC2026.  Internet-Drafts are working
18	   documents of the Internet Engineering Task Force (IETF), its areas,
19	   and its working groups.  Note that other groups may also distribute
20	   working documents as Internet-Drafts.

22	   Internet-Drafts are draft documents valid for a maximum of six
23	   months.  Internet-Drafts may be updated, replaced, or obsoleted by
24	   other documents at any time.  It is not appropriate to use Internet-
25	   Drafts as reference material or to cite them other than as a
26	   ``working draft'' or ``work in progress.''

28	   To view the entire list of current Internet-Drafts, please check the
29	   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
30	   Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
31	   Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
32	   Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).

34	Abstract

36	   A syntax and procedures are described for the computation and
37	   verification of digital signatures for use within Version 1.0 of the
38	   Internet Open Trading Protocol (IOTP).

40	Table of Contents

42	      Status of This Document....................................1
43	      Abstract...................................................1

45	      Table of Contents..........................................2

47	      1. Introduction............................................3
48	      2. Objective and Requirements..............................3

50	      3. Signature Basics........................................4
51	      3.1 Signature Element......................................4
52	      3.2 Digest Element.........................................4
53	      3.3 Originator and Recipient Information Elements..........5
54	      4. Detailed Signature Syntax...............................6
55	      4.1 Uniform Resource Names.................................6
56	      4.2 IOTPSignatures.........................................6
57	      4.3 Signature Component....................................7
58	      4.3.1 Signature............................................7
59	      4.3.2 Manifest.............................................7
60	      4.3.3 Algorithm............................................8
61	      4.3.4 Digest...............................................9
62	      4.3.5 Attributes..........................................10
63	      4.3.6 Attribute...........................................10
64	      4.3.7 OriginatorInfo......................................10
65	      4.3.8 RecipientInfo.......................................11
66	      4.3.9 Parameter...........................................12
67	      4.4 Certificate Component.................................13
68	      4.4.1 Certificate.........................................13
69	      4.4.2 IssuerAndSerialNumber...............................13
70	      4.5 Common Components.....................................14
71	      4.5.1 Value...............................................14
72	      4.5.2 Locator.............................................15
73	      5. Supported Algorithms...................................15
74	      5.1 Digest Algorithms.....................................15
75	      5.1.1 DOM-HASH............................................16
76	      5.1.2 SHA1................................................16
77	      5.1.3 MD5.................................................16
78	      5.2 Signature Algorithms..................................16
79	      5.2.1 DSA.................................................17
80	      5.2.2 HMAC................................................17
81	      5.2.3 RSA.................................................17
82	      6. Examples...............................................17
83	      7. Signature DTD..........................................19
84	      8. References.............................................21

86	      9. Credits................................................22
87	      Expiration and File Name..................................22

89	1. Introduction

91	   The Internet Open Trading Protocol (IOTP) provides a payment system
92	   independent interoperable framework for Internet commerce as
93	   documented in draft-ietf-trade-iotp-v1.0-protocol-*.txt. All IOTP
94	   messages are XML documents. XML, the Extensible Markup Language
95	   [XML], is a syntactical standard promulgated by the World Wide Web
96	   Consortium. XML is intended primarily for structuring data exchanged
97	   and served over the World Wide Web.

99	   Although IOTP assumes that any payment system used with it provides
100	   its own security, there are numerous cases where IOTP requires
101	   authentication and integrity services for portions of the XML
102	   messages it specifies.

104	2. Objective and Requirements

106	   This document covers how digital signatures may be used with XML
107	   documents to provide authentication and tamper-proof protocol
108	   messages specifically for Version 1.0 of the IOTP protocol. The
109	   reader should recognize that an effort towards general XML digital
110	   signatures exists but is unlikely to produce its final result in time
111	   for IOTP Version 1.0.  Future versions of IOTP will probably just
112	   adopt by reference the results of this general XML digital signature
113	   effort.

115	   The objective of this document is to propose syntax and procedures
116	   for the computation and verification of digital signatures applicable
117	   to Verion 1.0 IOTP protocol messages, providing for:

119	   -- Authentication of IOTP transactions
120	   -- Provide a means by which an IOTP message may be made "tamper-
121	      proof", or detection of tampering is made evident
122	   -- Describe a set of available digest and signature algorithms at
123	      least one of which is mandatory to implement for interoperability
124	   -- Easily integrate within the IOTP 1.0 Specification
125	   -- Provide lightweight signatures with minimal redundancy
126	   -- Allow a signed portions of IOTP message to be "forwarded" to
127	      another trading roles with different signature algorithms than the
128	      original recipient

130	3. Signature Basics

132	3.1 Signature Element

134	   This specification consists primarily of the definition of an XML
135	   element known as the Signature element. This element consists of two
136	   sub-elements. The first one is a set of authenticated attributes,
137	   known as the signature Manifest, which comprises such things as a
138	   unique reference to the resources being authenticated and an
139	   indication of the keying material and algorithms being used. The
140	   second sub-element consists of the digital signature value.

142	   <Signature>
143	           <Manifest>
144	                   (resource information block)
145	                   (originator information block)
146	                   (recipient information block)
147	                   (other attributes)
148	                   (signature algorithms information block)
149	           </Manifest>
150	           <Value encoding= "encoding scheme">
151	                   (encoded signature value)
152	           <Value>
153	   </Signature>

155	   The digital signature is not computed directly from the pieces of
156	   information to be authenticated. Instead, the digital signature is
157	   computed from a set of authenticated attributes (the Manifest), which
158	   include references to, and a digests of, those pieces of information.

160	   The authentication is therefore "indirect".

162	3.2 Digest Element

164	   The Digest element consists of a unique and unambiguous reference to
165	   the XML resources being authenticated. It is constructed of a locator
166	   and the digest value data itself. The Digest algorithm is referred to
167	   indirectly via a DigestAlgorithmRef, so that Digest algorithms may be
168	   shared by multiple resources.

170	   <Resource>
171	           <Locator href= "resource locator"/>
172	           <Digest DigestAlgorithmRef=D.1>
173	                   (digest information block)
174	           </Digest>
175	   </Resource>
176	   The resource locator is implemented as a simple XML Link [XLink].
177	   This not only provides a unique addressing scheme for internal and
178	   external resources, but also facilitates authentication of composite
179	   documents.

181	3.3 Originator and Recipient Information Elements

183	   The purpose of the Originator and Recipient information elements is
184	   providing identification and keying material for these respective
185	   parties.

187	   <OriginatorInfo>
188	    (identification information block)
189	    (keying material information block)
190	   </OriginatorInfo>

192	   <RecipientInfo>
193	    (identification information block)
194	    (keying material information block)
195	   </RecipientInfo>

197	   The actual content of these two elements depends on the
198	   authentication scheme being used and the existence or non-existence
199	   of a prior relationship between the parties. In some circumstances,
200	   it may be quite difficult to distinguish between identification and
201	   keying material information. A unique reference to a digital
202	   certificate provides for both. This may also stand true for an
203	   account number when a prior relationship exists between the parties.

205	   The Originator information element is mandatory. Depending on the
206	   existence or non-existence of a prior relationship with the
207	   recipient, this block either refers to a public credential such as a
208	   digital certificate or displays a unique identifier known by the
209	   recipient.

211	   The Recipient information element may be used when a document
212	   contains multiple signature information blocks, each being intended
213	   for a particular recipient.  A unique reference in the Recipient
214	   information block helps the recipients identify their respective
215	   Signature information block.

217	   The Recipient information element may also be used when determination
218	   of the authentication key consists of a combination of keying
219	   material provided by both parties. This would be the case, for
220	   example, when establishing a key by means of Diffie Hellman
221	   [Schneier] Key Exchange algorithm.

223	   The Algorithm element is a generalised place to place any type of
224	   algorithm used within the signed IOTP message. The Algorithm may be a
225	   Signature algorithm or a Digest algorithm.  Each algorithm contains
226	   parameters specific to the algorithm used.

228	   <Algorithm type="digest" id=12>
229	     (algorithm information block)
230	   </Algorithm>

232	   Algorithms are required to contain an ID which allows for indirect
233	   reference to them from other places in the XML signature.

235	4. Detailed Signature Syntax

237	4.1 Uniform Resource Names

239	   To prevent potential name conflicts in the definition of the numerous
240	   type qualifiers considered herein, this specification uses Uniform
241	   Resource Names  [RFC 2141].

243	4.2 IOTPSignatures

245	   The IOTPSignatures element is the top-level element in an IOTP
246	   signature block. It consists of a collection of Signature elements,
247	   and an optional set of Certificates.

249	   <!ELEMENT IOTPSignatures (Signature+, Certificate*) >
250	   <!ATTLIST IOTPSignatures
251	           ID             ID            #IMPLIED >

253	   Content Description

255	   Signature: A collection of Signature elements.

257	   Certificate: Zero or more certificates used for signing

259	   Attributes Description

261	   ID: Element identifier that may be used to referencing the entire
262	   Signature element from a Resource element when implementing
263	   endorsement.

265	4.3 Signature Component

267	4.3.1 Signature

269	   The Signature element constitutes the majority of this specification.
270	   It is comprised of two sub-elements. The first one is a set of
271	   attributes, known as the Manifest, which actually constitutes the
272	   authenticated part of the document.  The second sub-element consists
273	   of the signature value or values.

275	   <!ELEMENT Signature (Manifest, Value+) >
276	   <!ATTLIST Signature
277	           ID              ID            #IMPLIED >

279	   Content Description

281	   Manifest: A set of attributes that actually constitutes the
282	   authenticated part of the document.

284	   Value:  One or more encodings of signature values. Multiple values
285	   allow for a multiple algorithms to be supported within a single
286	   signature block.

288	   Attributes Description

290	   ID: Element identifier that may be used to referencing the Signature
291	   element from a Resource element when implementing endorsement.

293	4.3.2 Manifest

295	   The Manifest element consists of a collection of attributes that
296	   specify such things as as references to the resources being
297	   authenticated and an indication of the keying material and algorithms
298	   to be used.

300	   <!ELEMENT Manifest
301	           (       Algorithm+,
302	                   Digest+,
303	                   Attributes?,
304	                   OriginatorInfo,
305	                   RecipientInfo+,
306	           )
307	   <!ATTLIST Manifest
308	           LocatorHRefBase          CDATA        #IMPLIED
309	   >
310	   Content Description

312	   Algorithm: A list of algorithms used for signing, digest computation,
313	   and canonicalization.

315	   Digest: A list of digests of resources to be authentication and
316	   signed.

318	   Attributes: Optional element that consists of a collection of
319	   complementary attributes to be authenticated.

321	   OriginatorInfo: Element that provides identification and keying
322	   material information related to the originator.

324	   RecipientInfo: Optional element that provides identification and
325	   keying material information related to the recipient.

327	   Attributes Description

329	   LocatorHrefBase: The LocatorHrefBase provides a similar construct to
330	   the HTML HREFBASE attribute and implicitly sets all relative URL
331	   references within the Manifest to be relative to the HrefBase. For
332	   example, the IOTP Manifest may contain:

334	   <Manifest
335	           LocatorHrefBase='iotp:globally-unique-tid#>

337	   And subsequent Locators may be:

339	   <Locator href="C.9">

341	   An implementation should concatenate the two locator references to
342	   create the entire URL.

344	4.3.3 Algorithm

346	   This specification uses an Algorithm data type which indicates many
347	   different types of algoirithms. The Algorithm element allows for
348	   specification of sub-algorithms as parameters of the primary
349	   algorithm. This is performed via a parameter within the algorithm
350	   that provides a reference to another Algorithm. An example of this is
351	   shown in the Parameter section.

353	   <!ELEMENT Algorithm (Parameter*) > <!ATTRLIST Algorithm
354	           id             ID                #REQUIRED
355	           type     (digest|signature)      #IMPLIED
356	           name           NMTOKEN           #REQUIRED >

358	   Content Description

360	   Parameter: The contents of an Algorithm element consists of an
361	   optional collection of Parameter elements which are specified on a
362	   per algorithm basis.

364	   Attributes Description

366	   id: The ID of the algorithm is used by the Digest and RecipientInfo
367	   to refer to the signing or digest algorithm used.

369	   type: The type of algorithm, either a digest or signature. This is
370	   implied by the element to which the algorithm is referred. That is,
371	   if the DigestAlgorithmRef refers to an algorithm, it is implicit by
372	   reference that the targetted algorithm is a digest.

374	   name:  The type of the algorithm expressed as a Uniform Resource
375	   Name.

377	4.3.4 Digest

379	   The Digest element consists of the fingerprint of a given resource.
380	   This element is constructed of two sub-elements. This first one
381	   indicates the algorithm to be used for computation of the
382	   fingerprint. The second element consists of the fingerprint value.

384	   <!ELEMENT Digest (Locator, Value) >
385	   <!ATTLIST Digest
386	           DigestAlgorithmRef       IDREF    #REQUIRED
387	   >

389	   Content Description

391	   Locator: Contains a "HREF" or URL locator for the resource to be
392	   fingerprinted. References to IOTP messages.

394	   Value: Encoding of the fingerprint value.

396	   Attributes Description

398	   DigestAlgorithmRef: ID Reference of algorithm used for computation of
399	   the digest.

401	4.3.5 Attributes

403	   The Attributes element consists of a collection of complementary
404	   attributes, which are included in the authenticated part of the
405	   document. This is the area where a specific IOTP implementation may
406	   include custom attributes which must be authenticated directly.

408	   <!ELEMENT Attributes (Attribute+ )>

410	   Content Description

412	   Attribute: Collection of Attribute elements.

414	4.3.6 Attribute

416	   The Attribute element consists of a complementary piece of
417	   information, which shall be included in the authenticated part of the
418	   document. This element has been defined primarily for enabling some
419	   level of customization in the signature element. An Attribute element
420	   consists of a value, a type, and a criticality.

422	   At this time, no IOTP specific attributes are specified.

424	   <!ELEMENT Attribute ( ANY ) >
425	   <!ATTLIST Attribute
426	           type               NMTOKEN           #REQUIRED
427	           critical        ( true | false )     #REQUIRED
428	   >

430	   Content Description

432	   ANY: The actual value of an attribute depends solely upon its type.

434	   Attributes Description

436	   type:  Type of the attribute.

438	   critical: Boolean value that indicates if the attribute is critical
439	   (true) or not (false). A recipient shall reject a  signature that
440	   contains a critical attribute that he does not recognise. However, an
441	   unrecognised non-critical attribute may be ignored.

443	4.3.7 OriginatorInfo

445	   The OriginatorInfo element is used for providing identification and
446	   keying material information for the originator.

448	   <!ELEMENT OriginatorInfo ANY >
449	   <!ATTLIST OriginatorInfo
450	           OriginatorRef       NMTOKEN      #IMPLIED
451	   >

453	   Content Description

455	   ANY:  Identification and keying material information may consist of
456	   ANY construct.  Such a definition allows the adoption of
457	   application-specific schemes.  Attributes Description

459	   OriginatorRef: A reference to the IOTP Org ID of the originating
460	   signer.

462	4.3.8 RecipientInfo

464	   The RecipientInfo element is used for providing identification and
465	   keying material information for the recipient. This element is used
466	   either for enabling recognition of a Signature element by a given
467	   recipient or when determination of the authentication key consists of
468	   the combination of keying material provided by both the recipient and
469	   the originator.

471	   The RecipientInfo attributes provide a centralized location where
472	   signatures, algorithms, and certificates intended for a particular
473	   recipient are specified.

475	   The signature certificate reference ID MUST point to a certificate
476	   object.

478	   <!ELEMENT RecipientInfo ANY >
479	   <!ATTLIST RecipientInfo
480	           SignatureAlgorithmRef   IDREF        #REQUIRED
481	           SignatureValueRef       IDREF        #REQUIRED
482	           SignatureCertRef        IDREF        #IMPLIED
483	           RecipientRefs           NMTOKENS     #IMPLIED
484	   >

486	   Content Description

488	   ANY:  Identification and keying material information may consist of
489	   ANY construct.

491	   Attributes Description

493	   SignatureAlgorithmRef: A reference to the signature algorithm used to
494	   sign the SignatureValueRef intended for this recipient. The signature
495	   algorithm reference ID MUST point to a signature algorithm within the
496	   Manifest.

498	   SignatureValueRef: A reference to the signature value for this
499	   recipient. The signature value reference ID MUST point to a value
500	   structure directly included within a Manifest.

502	   SignatureCertRef: A reference to the certificate used to sign the
503	   Value pointed to by the SignatureValueRef.

505	   RecipientRefs: A list of references to the IOTP Org ID of the
506	   recipients this signature is intended for.

508	4.3.9 Parameter

510	   A Parameter element provides the value of a particular algorithm
511	   parameter, whose name and format have been specified for the
512	   algorithm considered.

514	   <!ELEMENT Parameter ANY >
515	   <!ATTLIST Parameter
516	           type       PCDATA       #REQUIRED
517	   >

519	   For IOTP 1.0, the following parameter type is standardized:
520	   "AlgorithmRef".

522	   An AlgorithmRef contains an ID of a "sub-Algorithm" used when
523	   computing a sequence of algorithms. For example, a signature
524	   algorithm actually signs a digest algorithm. To specify a chain of
525	   algorithms used to compute a signature, AlgorithmRef parameter types
526	   are used in the following manner:

528	   <Algorithm ID=A1 type="digest" name="urn:ibm:dom-hash">
529	           <Parameter type='AlgorithmRef'>A2</Parameter>
530	   </Algorithm>
531	   <Algorithm ID=A2 type="digest" name="urn:fips:sha1">
532	   </Algorithm>
533	   <Algorithm ID=A3 type="signature" name="urn:ibm:hmac">
534	           <Parameter type='AlgorithmRef'>A1</Parameter>
535	   </Algorithm>

537	   Content Description

539	   ANY:  The contents of a Parameter element consists of ANY valid
540	   construct, which is specified on a per algorithm per parameter basis.

542	   Attributes Description
543	   type:  The type of the parameter expressed as a free form string,
544	   whose value is specified on a per algorithm basis.

546	4.4 Certificate Component

548	4.4.1 Certificate

550	   The Certificate element may be used for either providing the value of
551	   a digital certificate or specifying a location from where it may be
552	   retrieved.

554	   <!ELEMENT Certificate
555	   (       IssuerAndSerialNumber
556	           ( Value | Locator ) )
557	   >
558	   <!ATTLIST Certificate
559	           ID           ID           #IMPLIED
560	           type         NMTOKEN      #REQUIRED >

562	   Content Description

564	   IssuerAndSerialNumber:  Unique identifier of this certificate. This
565	   element has been made mandatory is order to prevent unnecessary
566	   decoding during validation of a certificate chain. This feature also
567	   helps certificates caching, especially when the value is not directly
568	   provided.

570	   Value: Encoding of the certificate value. The actual value to be
571	   encoded depends upon the type of the certificate.

573	   Locator: XML link element that could be used for retrieving a copy of
574	   the digital certificate. The actual value being returned by means of
575	   this locator depends upon the security protocol being used.

577	   Attributes Description

579	   type:  Type of the digital certificate. This attribute is specified
580	   as a Universal Resource Name, as indicated in the "Supported
581	   Algorithms" section.

583	4.4.2 IssuerAndSerialNumber

585	   The IssuerAndSerialNumber element identifies a certificate, and
586	   thereby an entity and a public key, by the name of the certificate
587	   issuer and an issuer-specific certificate identification.

589	   <!ELEMENT IssuerAndSerialNumber EMPTY >
590	   <!ATTLIST IssuerAndSerialNumber
591	           issuer        CDATA         #REQUIRED
592	           number        CDATA         #REQUIRED >

594	   Attributes Description

596	   issuer: Name of the issuing certification authority.

598	   number: Issuer-specific certificate identification.

600	4.5 Common Components

602	4.5.1 Value

604	   A value contains the "raw" data of a signature or digest algorithm,
605	   usually in a base-64 encoded form. See [RFC 2045] for algorithm used
606	   to base-64 encode data.

608	   <!ELEMENT Value ( #PCDATA ) > <!ATTLIST Value
609	           id                ID            #IMPLIED
610	           encoding      (base64|none)     #IMPLIED       'base64' >

612	   Content Description

614	   PCDATA:  Content value after adequate encoding.

616	   Attributes Description

618	   encoding:  This attribute specifies the decoding scheme to be
619	   employed for recovering the original byte stream from the content of
620	   the element. This document recognises the following two schemes:

622	   none: the content has not been subject to any particular encoding.
623	   This does not preclude however the use of native XML encoding such as
624	   CDATA section or XML escaping.

626	   base64: The content has been encoded by means of the base64 encoding
627	   scheme.

629	4.5.2 Locator

631	   The Locator element consists of simple XML link [XLink].  This
632	   element allows unambiguous reference to a resource or fragment of a
633	   resource.

635	   <!ELEMENT Locator EMPTY>
636	   <!ATTLIST Locator
637	           xml:link         CDATA        #FIXED         'simple'
638	           href             CDATA        #REQUIRED >

640	   Attributes Description

642	   xml:link: Required XML link attribute that specifies the nature of
643	   the link (simple in this case).

645	   href: Locator value that may contains either a URI [RFC 2396], a
646	   fragment identifier, or both.

648	5. Supported Algorithms

650	   The IOTP specification 1.0 requires the implementation of the DOM-
651	   HASH, SHA1, MD5, DSA, and HMAC algorithms to provide a compliant
652	   implementation of IOTP 1.0.  Implementation of RSA is also
653	   recommended.

655	5.1 Digest Algorithms

657	   This specification contemplates two types of digest algorithms, both
658	   of which provide a digest string as a result:

660	   Surface string digest algorithms

662	   These algorithms do not have any particular knowledge about the
663	   content being digested and operate on the raw content value. Changes
664	   in the surface string of a given content affect directly the value of
665	   the digest being produced.

667	   Canonical digest algorithms

669	   These algorithms have been tailored for a particular content type and
670	   produce a digest value that depends upon the core semantics of such
671	   content. Changes limited to the surface string of a given content do
672	   not affect the value of the digest being produced.

674	5.1.1 DOM-HASH

676	   XML canonical digest algorithm proposed by IBM Tokyo Research
677	   Laboratory. This algorithm operates on the DOM representation of the
678	   document and provides an unambiguous means for recursive computation
679	   of the hash value of the nodes that constitute the DOM tree.

681	   The DOM-HASH algorithm requires a single parameter, which shall
682	   consist of a surface string digest algorithm such as SHA1.

684	   The DOM-HASH URN used for this specification is "urn:ibm:dom-hash".

686	   Example
687	   <Algorithm name="urn:ibm:dom-hash" type=digest>
688	   </Algorithm>

690	5.1.2 SHA1

692	   Surface string digest algorithm designed by hte US government for use
693	   with the Digital Signature Standard. This algorithm produces a 160-
694	   bit hash value.

696	   This algorithm does not require any parameter.

698	   The SHA1 URN used for this specification is "urn:fips:sha1".

700	5.1.3 MD5

702	   The MD5 Algorithm was invented by RSA Data Securities and is similar
703	   to its predecessors, MD2 and MD4, but faster and simpler than MD2
704	   while stronger than MD4. [RFC 1321]

706	   The MD5 Algorithm takes no parameters.

708	   The MD5 URN used for this specification is "urn:rsa:md5".

710	5.2 Signature Algorithms

712	   This specification uses the terminology of 'digital signature' for
713	   qualifying indifferently digital signature and message authentication
714	   codes.  Thus, the signature algorithms contemplated herein include
715	   public key digital signature algorithms such as DSA and message
716	   authentication codes such as HMAC [RFC 2104].

718	5.2.1 DSA

720	   TODO

722	   The DSA URN used in this specification is "urn:fips:dsa".

724	5.2.2 HMAC

726	   Generalities [RFC 2104] TODO

728	   The HMAC URN used in this specification is is "urn:ibm:hmac".

730	5.2.3 RSA

732	   TODO

734	   The RSA URN used in this specification is "urn:rsa:rsa".

736	6. Examples

738	   The following is an example signed IOTP message:

740	   <OtpMessage>
741	       <TransRefBlk ID=C.1>
742	           <TransId
743	               ID=C.2
744	               version="1.0"
745	               OtpTransID="foo"
746	               OtpTransType="foo"
747	               TransTimeStamp=1258402394>
748	           </TransId>
749	           <MsgId xml:lang=en SoftwareID=1.0>
750	           </MsgId>
751	       </TransRefBlk>
752	       <AuthReqBlk ID=C.3>
753	           <Org
754	               ID=C.7
755	               OrgId="shop 1.0"
756	               OtpMsgIdPrefix="foo"
757	               ShortDesc="Widgets,Inc."
758	               LogoNetLocn="http://www.widgets.com/Banner2.12.99.gif">
759	               <TradingRole ID=C.8 TradingRole="foo">
760	               </TradingRole>
761	               <ContactInfo Tel="408-864-0600" Email="info@widgets.com">
762	               </ContactInfo>
763	           </Org>
764	       </AuthReqBlk>
765	       <IOTPSignatures>
766	           <Signature>
767	               <Manifest LocatorHrefBase="iotp:">
768	                   <Algorithm name="urn:sha1" type=digest ID=S.1>
769	                   </Algorithm>
770	                   <Algorithm name="urn:rsa" type=signature ID=S.2>
771	                       <Parameter type=AlgorithmRef>S.1</Parameter>
772	                   </Algorithm>
773	                   <Algorithm name="urn:dom-hash" type=digest ID=S.3>
774	                       <Parameter type=AlgorithmRef>S.1</Parameter>
775	                   </Algorithm>
776	                   <Digest DigestAlgorithmRef=S.3>
777	                       <Locator href="C.1"/>
778	                       <Value>
779	                           xsqsfasDys2h44u4ehJDe54he5j4dJYTJ=
780	                       </Value>
781	                   </Digest>
782	                   <Digest DigestAlgorithmRef=S.3>
783	                       <Locator href="C.3"/>
784	                       <Value>
785	                           ked0Ks01k2d7a0kgmf9dk19lf63kkDSs0=
786	                       </Value>
787	                   </Digest>
788	                   <OriginatorInfo
789	                       OriginatorRef=C.7>
790	                   </OriginatorInfo>
791	                   <RecipientInfo
792	                       SignatureAlgorithmRef=S.2
793	                       SignatureValueRef=V.1
794	                       RecipientRef=M.8>
795	                   </RecipientInfo>
796	               </Manifest>
797	               <Value ID=V.1>
798	                   9dj28fjakA9sked0Ks01k2d7a0kgmf9dk19lf63kkDSs0=
799	               </Value>
800	           </Signature>
801	       </IOTPSignatures>

803	   </OtpMessage>

805	7. Signature DTD

807	   <!--
808	   ******************************************************
809	   * IOTP SIGNATURES BLOCK DEFINITION                   *
810	   ******************************************************
811	   -->

813	   <!ELEMENT IOTPSignatures (Signature+, Certificate*) >
814	   <!ATTLIST IOTPSignatures
815	           ID        ID        #IMPLIED >

817	   <!--
818	   ******************************************************
819	   * IOTP SIGNATURE COMPONENT DEFINITION                *
820	   ******************************************************
821	   -->

823	   <!ELEMENT Signature (Manifest, Value+) >
824	   <!ATTLIST Signature
825	           ID         ID        #IMPLIED >

827	   <!ELEMENT Manifest
828	           (       Algorithm+,
829	                   Digest+,
830	                   Attributes?,
831	                   OriginatorInfo,
832	                   RecipientInfo+,
833	           )
834	   <!ATTLIST Manifest
835	           LocatorHRefBase       CDATA         #IMPLIED
836	   >

838	   <!ELEMENT Algorithm (Parameter*) >
839	   <!ATTRLIST Algorithm
840	           id                    ID                #REQUIRED
841	           type            (digest|signature)      #IMPLIED
842	           name                  NMTOKEN           #REQUIRED >

844	   <!ELEMENT Digest (Locator, Value) >
845	   <!ATTLIST Digest
846	           DigestAlgorithmRef    IDREF             #REQUIRED
847	   >
848	   <!ELEMENT Attributes (Attribute+) >

850	   <!ELEMENT Attribute ( #PCDATA ) >
851	   <!ATTLIST Attribute
852	           type                   NMTOKEN           #REQUIRED
853	           critical            ( true | false )     #REQUIRED
854	   >

856	   <!ELEMENT OriginatorInfo ANY >
857	   <!ATTLIST OriginatorInfo
858	           OriginatorRef           NMTOKEN          #IMPLIED
859	   >

861	   <!ELEMENT RecipientInfo ANY >
862	   <!ATTLIST RecipientInfo
863	           SignatureAlgorithmRef   IDREF            #REQUIRED
864	           SignatureValueRef       IDREF            #REQUIRED
865	           SignatureCertRef        IDREF            #IMPLIED
866	           RecipientRefs           NMTOKENS         #IMPLIED
867	   >

869	   <!ELEMENT Parameter ANY >
870	   <!ATTLIST Parameter
871	           type                     PCDATA           #REQUIRED
872	   >

874	   <!--
875	   ******************************************************
876	   * IOTP CERTIFICATE COMPONENT DEFINITION              *
877	   ******************************************************
878	   -->
879	   <!ELEMENT Certificate
880	   (       IssuerAndSerialNumber
881	           ( Value | Locator ) )
882	   >
883	   <!ATTLIST Certificate
884	           ID                        ID                #IMPLIED
885	           type                      NMTOKEN           #REQUIRED >

887	   <!ELEMENT IssuerAndSerialNumber EMPTY >
888	   <!ATTLIST IssuerAndSerialNumber
889	           issuer                     CDATA            #REQUIRED
890	           number                     CDATA            #REQUIRED >

892	   <!--
893	   ******************************************************
894	   * IOTP SHARED COMPONENT DEFINITION                   *
895	   ******************************************************
896	   -->
897	   <!ELEMENT Value ( #PCDATA ) >
898	   <!ATTLIST Value
899	           id              ID           #IMPLIED
900	           encoding    (base64|none)    #IMPLIED      'base64'
901	   >

903	   <!ELEMENT Locator EMPTY>
904	   <!ATTLIST Locator
905	           xml:link        CDATA         #FIXED        'simple'
906	           href            CDATA         #REQUIRED >

908	8. References

910	   [RFC 1321] - R. Rivest, "The MD5 Message-Digest Algorithm", April
911	   1992.

913	   [RFC 2045]- N. Freed & N. Borenstein, "Multipurpose Internet Mail
914	   Extensions (MIME) Part One: Format of Internet Message Bodies",
915	   November 1996.

917	   [RFC 2046] - N. Freed & N. Borenstein, "Multipurpose Internet Mail
918	   Extensions (MIME) Part Two: Media Types", November 1996.

920	   [RFC 2104] - H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-
921	   Hashing for Message Authentication", February 1997.

923	   [RFC 2141] - R. Moats, "URN Syntax", May 1997.

925	   [RFC 2396] - T. Berners-Lee, R. Fielding, L. Masinter, "Uniform
926	   Resource Identifiers (URI): Generic Syntax", August 1998.

928	   [Schneier] - Bruce Schneier, "Applied Cryptography: Protocols,
929	   Algorithms, and Source Code in C", 1996, John Wiley and Sons

931	   [XLink] - Eve Maler, Steve DeRose, "XML Linking Language (XLink)",
932	   <http://www.w3.org/TR/1998/WD-xlink-19980303>

934	   [XML] - Tim Bray, Jean Paoli, C. M. Sperber-McQueen, "Extensible
935	   Markup Language (XML) 1.0", <http://www.w3.org/TR/1998/REC-xml-
936	   19980210>

938	9. Credits

940	   This document is based on work originally done on general XML digital
941	   signatures by Richard Brown at GlobeSet, Inc. <rdbrown@GlobeSet.com>
942	   but has been narrowed and changed.

944	   The editor of this document is:

946	        Kent M. Davidson
947	        Differential, Inc.
948	        10054 Pasadena Ave.
949	        Cupertino, CA 95014 USA

951	        email: kent@differential.com

953	   Contributors to the design of the IOTP DTD include, in alphabetic
954	   order:

956	   David Burdett, Mondex

958	   Andrew Drapp, Hitachi

960	   Donald Eastlake 3rd, IBM

962	   Yoshiaki Kawatsura, Hitachi

964	Expiration and File Name

966	   This draft expires August 1999.

968	   Its file name is draft-ietf-trade-iotp-v1.0-dsig-00.txt.