RealTime IT News

W3C Makes XML Signatures More Portable

The World Wide Web Consortium (W3C) Thursday advanced a recommendation that is critical to the XML family of technologies and especially important to Web services.

Exclusive XML Canonicalization builds on the previous Canonical XML recommendation, enabling the portability of fragments of XML documents while preserving digital signatures.

The new recommendation provides a method of serializing an XML fragment into a portable and canonical form. Combined with the XML Signature recommendation, produced by the W3C and Internet Engineering Task Force (IETF) in February, Exclusive XML Canonicalization ensures the integrity of documents and protocol messages that travel between multiple XML processors.

Digital signatures are essential for documents that represent commitments, like contracts, price lists and manifests. They are also considered a mandatory component of many Web services models. However, various XML processors can introduce incidental changes to documents during processing, which could invalidate the signatures.

The Exclusive XML Canonicalization recommendation makes it possible to remove those incidental changes. It also provides a way to canonicalize a portion of the XML document so that it is independent of its XML context.

The W3C explained that this is an especially important feature for signed XML in protocol applications:

"This is because, in protocol applications, it is common to envelope XML in various layers of message or transport elements, to strip off such enveloping, and to construct new protocol messages, parts of which were extracted from different messages previously received. If the pieces of XML in question are signed, they need to be canonicalized in a way such that these operations do not break the signature but the signature still provides as much security as possible."
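The re-enveloping problem the W3C describes can be seen by hashing the same fragment after it has travelled in two different envelopes. This is an added example, not code from the W3C or the article: a simplified canonicalizer (elements, attributes and text only, attributes sorted by name) run in inclusive and exclusive mode. The envelope documents, namespace URIs and function names are constructed for illustration.

```python
import hashlib
from xml.dom import minidom

# Constructed sample: one signed payload carried inside two different envelopes.
PAYLOAD = '<p:Order xmlns:p="urn:example:order" id="42"><p:Item>widget</p:Item></p:Order>'
ENV_A = '<a:Envelope xmlns:a="urn:example:transport-a"><a:Body>' + PAYLOAD + '</a:Body></a:Envelope>'
ENV_B = '<b:Msg xmlns:b="urn:example:transport-b" xmlns:x="urn:example:extra">' + PAYLOAD + '</b:Msg>'

def esc(s, attr):
    s = s.replace("&", "&amp;").replace("<", "&lt;")
    return s.replace('"', "&quot;") if attr else s.replace(">", "&gt;")

def in_scope_ns(el):
    """Namespace declarations visible at el; the nearest declaration wins."""
    scope, node = {}, el
    while node is not None and node.nodeType == node.ELEMENT_NODE:
        for name, value in node.attributes.items():
            if name == "xmlns" or name.startswith("xmlns:"):
                scope.setdefault(name[6:], value)
        node = node.parentNode
    return scope

def c14n(el, exclusive, rendered=None):
    """Simplified canonical form of el: elements, attributes and text only."""
    rendered = dict(rendered or {})
    scope = in_scope_ns(el)
    attrs = [(n, v) for n, v in el.attributes.items() if n != "xmlns" and not n.startswith("xmlns:")]
    # Prefixes "visibly utilized" by this element and its attributes.
    used = {el.tagName.rpartition(":")[0]} | {n.partition(":")[0] for n, _ in attrs if ":" in n}
    # Inclusive mode emits every in-scope namespace, exclusive mode only the used ones.
    wanted = used if exclusive else set(scope)
    decls = []
    for prefix in sorted(wanted):
        if prefix in scope and rendered.get(prefix) != scope[prefix]:
            decls.append(("xmlns:" + prefix if prefix else "xmlns", scope[prefix]))
            rendered[prefix] = scope[prefix]
    out = "<" + el.tagName + "".join(f' {n}="{esc(v, True)}"' for n, v in decls + sorted(attrs)) + ">"
    for child in el.childNodes:
        if child.nodeType == child.ELEMENT_NODE:
            out += c14n(child, exclusive, rendered)
        elif child.nodeType == child.TEXT_NODE:
            out += esc(child.data, False)
    return out + "</" + el.tagName + ">"

def canonical_fragment(doc_xml, exclusive):
    order = minidom.parseString(doc_xml).getElementsByTagName("p:Order")[0]
    return c14n(order, exclusive)

def digest(doc_xml, exclusive):
    return hashlib.sha256(canonical_fragment(doc_xml, exclusive).encode()).hexdigest()
```

Because the exclusive digest covers only the fragment and not its surroundings, a verifier still has to confirm that the element the application acts on is the element the signature references.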