Activity
6.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<title>XML Encryption Activity Statement</title>
<link type="text/css" rel="stylesheet"
href="../../StyleSheets/activity.css" />
<style type="text/css">
<!--
body { background: #fff; color: #000; } /* for Windows IE3 */
-->
</style>
</head>
<body xml:lang="en" lang="en">
<p><a href="http://www.w3.org/"><img src="http://www.w3.org/Icons/w3c_home"
alt="W3C" height="48" width="72" /></a><a
href="http://www.w3.org/tands/"><img src="http://www.w3.org/Icons/tands"
alt="Technology and Society Domain" height="48" width="212" /></a><img
src="http://www.w3.org/Icons/ActivityStatement" alt="Activity Statement"
/></p>
<h1>XML Encryption<br />
Activity Statement</h1>
<div class="splash">
<p>Work on Encryption is being managed as part of W3C's <a
href="../../TandS/">Technology and Society</a> domain.</p>
</div>
<ol>
<li><a href="#intro">Introduction</a></li>
<li><a href="#role">Role of W3C</a></li>
<li><a href="#current">Current Situation and Accomplishments</a></li>
<li><a href="#future">What the Future Holds</a></li>
<li><a href="#contact">Contact</a></li>
</ol>
<h2><a id="intro" name="intro"></a>Introduction</h2>
<p>Encryption renders data (plain-text) confidential (cipher-text) such that
it can be safely stored or transmitted and only the intended recipients can
restore the data to its original form. This feature is important given that
many applications are using the Internet to exchange sensitive information
such as payment and purchase orders. In view of recent Web technology
developments, the work of the XML Encryption Activity is to specify XML
encryption syntax and processing for encrypting XML in whole or part (e.g.,
element). This can then be used by XML applications, such as <a
href="http://www.w3.org/2000/xp/">XML Protocol</a>.</p>
<div class="color">
<h2>Concepts Simply Explained</h2>
<h3>Overview</h3>
<p>Encryption is the process of securing information so that while it is
accessible to a wide community (those with access to your hard drive or
network) it is not meaningful to those unintended intermediaries and
eavesdroppers. The data has been rendered opaque by mathematically scrambling
(encrypting) it in a way that makes it unreadable to anyone except those
possessing the secret (key) to unscramble (decrypt) it. The two most common
types of cryptography are symmetric (same key) and asymmetric (public-key)
cryptography. In symmetric key cryptography, a message is encrypted and
decrypted using the same key, which must be confidentially exchanged in a
separate transmission. For instance, two people could take a message
represented in binary and scramble it with a random set of binary digits (one
time pad); only the other party possessing the same secret can descramble the
message. Of course, this begs the question of how one securely exchanges the
one time pad!</p>
<p>This question is addressed by public-key (asymmetric) cryptography wherein
every party to a communication has a public and private key that are
inversely related to each other. Any message encrypted with the publicly
available key can only be decrypted by its corresponding privately held key.
Interestingly, this same relationship permits for public-key <a
href="http://www.w3.org/Signature/">digital signatures</a> wherein any person
with the public key can confirm that a person with the corresponding private
key used it to secure the message. Because symmetric (same) key cryptography
is very efficient, confidential interactions frequently start by exchanging a
symmetric key using asymmetric (public) key cryptography.</p>
<h3>Encryption and XML</h3>
<p>The <a href="http://w3.org">W3C's</a> <a
href="http://www.w3.org/TR/REC-xml">Extensible Markup Language (XML)</a>
Recommendation specifies a standard syntax for structuring Web documents. An
XML document can be secured using many of the existing cryptographic
standards. However, many XML applications need to encrypt portions of XML
documents such that some data can be secured, while other data is still
available. Additionally, this feature needs to work with the selective
signing feature of <a href="http://www.w3.org/Signature/">XML
Signature</a>.This is the motivation of the XML Encryption Activity.</p>
</div>
<h2><a id="role" name="role">Role of W3C</a><a
href="http://www.w3.org/TR/REC-rdf-syntax"></a></h2>
<p>This Working Group is an Activity of the W3C.</p>
<h2><a id="current" name="current">Current Situation and
Accomplishments</a></h2>
<p>All chartered deliverables have been completed.</p>
<p>In March 2002, the Working Group published a <a
href="http://www.w3.org/TR/xml-encryption-req">XML Encryption
Requirements</a> W3C Note. In December 2002, <a
href="http://www.w3.org/TR/xmlenc-core/">XML Encryption Syntax and
Processing</a> and the <a
href="http://www.w3.org/TR/xmlenc-decrypt">Decryption Transform for XML
Signature</a> were published as Recommendations. There are 4 implementations
<a href="http://www.w3.org/Encryption/2002/02-xenc-interop.html">reporting
interoperability</a>, including 1 open source.</p>
<h2><a id="future" name="future">What the Future Holds</a></h2>
<p>The XML Encryption Working Group charter terminated on <span
class="endingDate">2002-12-31</span>. The mailing list may be used for
discussion of errata, operational experience, and requirements for new
work.</p>
<h2><a id="contact" name="contact">Contact</a></h2>
<address>
<a href="http://www.w3.org/People/Reagle/Overview.html">Joseph M. Reagle
Jr.</a>, <<a href="mailto:reagle@w3.org">reagle@w3.org</a>> W3C
Activity Lead and Chair
</address>
<div class="footer">
<hr />
<p><a href="http://validator.w3.org/"><img src="/Icons/valid-xhtml10"
alt="Valid XHTML 1.0!" height="31" width="88" /></a></p>
</div>
<p>Last modified $Date: 2003/05/14 09:17:51 $</p>
<p><a rel="Copyright"
href="/Consortium/Legal/ipr-notice#Copyright">Copyright</a> © 2001-2003 <a
href="/"><acronym
title="World Wide Web Consortium">W3C</acronym></a><sup>®</sup> (<a
href="http://www.lcs.mit.edu/"><acronym
title="Massachusetts Institute of Technology">MIT</acronym></a>, <a
href="http://www.ercim.org/"><acronym
title="European Research Consortium for Informatics and Mathematics">ERCIM</acronym></a>,
<a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a
href="/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a
href="/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>, <a
rel="Copyright" href="/Consortium/Legal/copyright-documents">document use</a>
and <a rel="Copyright" href="/Consortium/Legal/copyright-software">software
licensing</a> rules apply. Your interactions with this site are in accordance
with our <a href="/Consortium/Legal/privacy-statement#Public">public</a> and
<a href="/Consortium/Legal/privacy-statement#Members">Member</a> privacy
statements.</p>
<p></p>
</body>
</html>