IETF-45 xmldsig

Author: Joseph Reagle

Audience:� Legal XML

Question: Overview of W3C and XML

References:

• About�W3C and W3C in Seven Points
• http://www.w3.org/XML/

W3C and XML

Joseph M. Reagle Jr.
<reagle@w3.org>

IETF/W3C XML Signature Co-Chair
W3C/LCS/MIT

Agenda

1. Market Big Picture
2. Introduction to W3C
3. Data Big Picture
4. XML Shotgun Review

Market (Big Picture)

• XML architecture standardization:� W3C.
• Vertical market standardization:
  • Third Party: BizTalk, Oasis, etc.
  • Native:� ebXML, XBRL, Legal XML, etc.
• Public implementations: XML-Apache, IBM alphaWorks, XML in Mozilla, etc.

W3C Work Products

• Web components : HTTP 1.1, HTML 3.2 & HTML 4.0
• Presentation : CSS1, CSS2
• Multimedia : PNG, WebCGM, SMIL 1.0, SVG
• Document Structure : XML 1.0, DOM Level 1, MathML
• Metadata : RDF
• Trust : P3P, XML Signature, and recent XML Encryption Workshop
• Web Accessibility Initiative : Web Content, Authoring Tool, and User Agent Accessibility Guidelines

W3C Background

• Host sites: MIT-LCS, INRIA, Keio University
• Offices: United Kingdom, Germany, Sweden, Netherlands, Greece, Italy, Hong Kong, Taiwan, Morocco, Tunisia
• 450+ Member Organizations
• 500+ Working Group participants at any time
• Team: ~60 people

Data (Big Picture)

1. Syntax is how information is represented.
2. Semantics is what information means.
   1. Semantics are sometimes borrowed from the natural language.
   2. Semantics are sometimes inherent to the structure.
   3. Semantics are sometimes derived from logic. (e.g., RDF is used to describe the relationship between a (resource, property, value).)
3. Schemas describe a particular syntax, as well as the semantics of that syntax's structure.
4. The more syntax and semantics an agent can understand without human intervention, the more powerful and flexible the agent becomes.

XML 1.0 and namespaces

6 October 2000: Extensible Markup Language (XML) 1.0 (Second Edition)

• subset of SGML
• describes class of data objects with a grammar and processor semantics.
• definitions of well formed and valid (using DTD) instances

14-January-1999. Namespaces in XML

• provide a simple method for qualifying element and attribute names
• permits content to be mixed together without collisions or ambiguity
• recent plenary decision said relative URIs are deprecated

XML Schema

24 October 2000: XML Schema Part 1: Structures

• written in XML and extends capabilities of DTDs.
• namespace aware
• enables very flexible content model specification by authors
• enables definition of types which can then be inherited, constrained, restricted, and extended.

XML Information Set

• data model for tree of elements with attributes
  • largely implicit in the XML 1.0 spec
  • motivated by questions from DOM development
• named properties: children, base URI, etc.
  • provides shared terminology for future specs
• other specs (e.g. XML Schema) may refine this model with other properties

Canonical XML

• An Information Set (the data and its structure) can be expressed in many ways (e.g., white-space, attribute ordering, character encoding, namespace prefixes).
• Canonical XML is a consistent way of expressing an Information Set.
• Necessary for Signatures such that minor and permitted variances (the reordering of an elements attributes) don't break the signature.

XML Linking

generalize HTML A, IMG, LINK

<my:crossReference
  xmlns:xlink="http://www.w3.org/1999/xlink"
  xmlns:my="http://me.com/"
  xlink:type="simple"
  xlink:href="students.xml"
  xlink:role="studentlist" xlink:title="Student List"
  xlink:show="new" xlink:actuate="onRequest">
    Current List of Students
</my:crossReference>

XPointer/XPath

• fragment identifier syntax for text/xml
• point to named or unnamed structures
• examples:
  • #intro
  • #xpointer(id("intro"))
  • #xpointer(book/chapter[position() <= 5])

XSLT (Transforms)

• Transform an XML document into a different XML document (including an XML document with style/presentation markup).
• For instance, could transform a legal XML document into an XHTML document.

XML Signature

• The meaning of a signature is simple:� The XML-signature syntax associates the content of resources listed with a key via a cryptographic operation.
• XML-signatures are generated from a hash over a list of references and the digest value of the references' content.
• Meets requirement of signing portions of documents via transforms (i.e., XPath/XSLT)
• Enables enveloped signatures (signature within content being signed), enveloping signatures (content is within signature being signed) and detached signatures (over data�external to the signature document).
• Algorithm extensible
• Uses namespaces and XML Schema

Cool Upcoming XML Apps at W3C

• XML Protocol: An envelope for encapsulating XML data to be transferred in an interoperable manner that allows for distributed extensibility and evolvability as well as intermediaries. [Chartered]
• XML Encryption: An XML syntax for representing encrypted data. In particular, for representing portions of an XML document (i.e., elements, perhaps attribute values) [Not chartered: Workshop Minutes]