Secure XML: The New Syntax for Signatures and Encryption
By Donald E. Eastlake, Kitty Niles

Publisher: Addison Wesley
Pub Date: July 19, 2002
ISBN: 0-201-75605-6
Pages: 560
| Copyright |
| | Preface |
| | | Notations |
| | | Acknowledgments |
|
| | Part I. Introduction |
| | | Chapter 1. XML and Security |
| | | Section 1.1. XML |
| | | Section 1.2. The Need for Secure XML |
| | | Section 1.3. Status of XML Security Standardization |
| | | Section 1.4. Work in Progress |
|
| | | Chapter 2. Digital Cryptography Basics |
| | | Section 2.1. Message Digests |
| | | Section 2.2. Message Authentication Codes |
| | | Section 2.3. Secret or Symmetric Key Ciphers |
| | | Section 2.4. Public or Asymmetric Key Ciphers |
| | | Section 2.5. Asymmetric Keys and Authentication |
| | | Section 2.6. Digital Signatures |
| | | Section 2.7. Certificates |
| | | Section 2.8. Enveloped Encryption |
| | | Section 2.9. Canonicalization |
| | | Section 2.10. Randomness |
| | | Section 2.11. Other Facets of Security |
| | | Section 2.12. Cryptography: A Subtle Art |
|
|
| | Part II. XML Basics |
| | | Chapter 3. The Extensible Markup Language |
| | | Section 3.1. Related Standards and Recommendations |
| | | Section 3.2. XML Documents |
| | | Section 3.3. XML Document Structure |
| | | Section 3.4. XML Document Logical Structure |
| | | Section 3.5. XML Namespaces |
| | | Section 3.6. XML Document Physical Structure |
| | | Section 3.7. XML and Stylesheets |
|
| | | Chapter 4. XML Document Type Definitions |
| | | Section 4.1. Introduction to DTDs |
| | | Section 4.2. Document Type Declarations |
| | | Section 4.3. Element Type Declarations |
| | | Section 4.4. Defining Attributes in DTDs |
| | | Section 4.5. Entity Reference Declarations |
| | | Section 4.6. Notation Declarations |
|
| | | Chapter 5. XML Schema |
| | | Section 5.1. Overview |
| | | Section 5.2. Types |
| | | Section 5.3. Elements and Attributes |
| | | Section 5.4. Namespaces |
| | | Section 5.5. Miscellaneous Aspects of Schemas |
| | | Section 5.6. Parts Not Covered |
|
| | | Chapter 6. XPath: A Basic Building Block |
| | | Section 6.1. Introduction to XPath |
| | | Section 6.2. Data Model |
| | | Section 6.3. Location Paths |
| | | Section 6.4. Expressions |
| | | Section 6.5. Function Library |
|
| | | Chapter 7. URIs, xml:base, and XPointer |
| | | Section 7.1. URIs |
| | | Section 7.2. xml:base |
| | | Section 7.3. XPointer |
|
| | | Chapter 8. SOAP |
| | | Section 8.1. Introduction to SOAP |
| | | Section 8.2. SOAP Envelope, Message Exchange, and Processing Model |
| | | Section 8.3. SOAP Encoding |
| | | Section 8.4. SOAP Transport Binding and HTTP |
| | | Section 8.5. SOAP Remote Procedure Call |
|
|
| | Part III. Canonicalization and Authentication |
| | | Chapter 9. XML Canonicalization: The Key to Robustness |
| | | Section 9.1. Canonicalization Essential for Signatures Over XML |
| | | Section 9.2. Canonical XML and XML Encryption |
| | | Section 9.3. Transformative Summary |
| | | Section 9.4. The XML Canonicalization Data Model |
| | | Section 9.5. Formal Generative Specification |
| | | Section 9.6. Limitations of XML Canonicalization |
|
| | | Chapter 10. XML Signatures and Authentication |
| | | Section 10.1. Introduction to XML Digital Signatures |
| | | Section 10.2. XML Signature Syntax |
| | | Section 10.3. XML Signature Examples |
| | | Section 10.4. Transforms and the Use of XPath |
| | | Section 10.5. Processing Rules |
| | | Section 10.6. Security of Signatures |
|
| | | Chapter 11. Profiling XMLDSIG for Applications |
| | | Section 11.1. P3P XMLDSIG |
| | | Section 11.2. SOAP XMLDSIG |
|
| | | Chapter 12. ETSI "Advanced" XML Signatures |
| | | Section 12.1. Levels of XAdES Signature |
| | | Section 12.2. XAdES Signature Syntax Basics |
| | | Section 12.3. XAdES Signature Elements Syntax |
| | | Section 12.4. Validation Data Syntax |
|
|
| | Part IV. Keying |
| | | Chapter 13. The KeyInfo Element |
| | | KeyInfo Element Syntax |
| | | KeyInfo Child Elements |
| | | Private Keys |
| | | Section 13.1. The KeyValue Element |
| | | Section 13.2. The EncryptedKey Element |
| | | Section 13.3. The RetrievalMethod Element |
| | | Section 13.4. The AgreementMethod Element |
| | | Section 13.5. The KeyName Element |
| | | Section 13.6. The X509Data Element |
| | | Section 13.7. The PGPData Element |
| | | Section 13.8. The SPKIData Element |
| | | Section 13.9. The MgmtData Element |
|
| | | Chapter 14. XKMS: XML Key Management |
| | | Namespaces |
| | | Section 14.1. The Key Information Service |
| | | Section 14.2. XKMS Common Data Elements |
| | | Section 14.3. The Key Registration Service |
| | | Section 14.4. XKMS Cryptographic Algorithms |
| | | Section 14.5. Security Considerations |
|
|
| | Part V. Encryption |
| | | Chapter 15. XML Encryption |
| | | Section 15.1. Introduction to XML Encryption |
| | | Section 15.2. XML Encryption Syntax |
| | | Section 15.3. Encryption Examples |
| | | Section 15.4. Processing Flow |
| | | Section 15.5. Encryption Security Considerations |
|
| | | Chapter 16. Combining Encryption and Signature |
| | | Section 16.1. General Considerations |
| | | Section 16.2. The Decryption Transform |
|
|
| | Part VI. Algorithms |
| | | Chapter 17. Overview of Algorithms |
| | | Section 17.1. Algorithm Syntax |
| | | Section 17.2. Algorithmic Roles |
|
| | | Chapter 18. Cryptographic Algorithms |
| | | Section 18.1. Message Digests |
| | | Section 18.2. Key Agreement Algorithms |
| | | Section 18.3. Message Authentication Codes |
| | | Section 18.4. Signature Algorithms |
| | | Section 18.5. Block Encryption Algorithms |
| | | Section 18.6. Stream Encryption Algorithms |
| | | Section 18.7. Key Transport Algorithms |
| | | Section 18.8. Symmetric Key Wrap Algorithms |
|
| | | Chapter 19. Non-cryptographic Algorithms |
| | | Section 19.1. Canonicalization Algorithms |
| | | Section 19.2. Transformation Algorithms |
|
|
| | Part VII. Appendixes |
| | | Appendix A. XML Security Implementations |
| | | Section A.1. Apache |
| | | Section A.2. Baltimore Technologies |
| | | Section A.3. Capslock |
| | | Section A.4. Done Information |
| | | Section A.5. DSTC |
| | | Section A.6. Entrust |
| | | Section A.7. Fujitsu |
| | | Section A.8. GapXse |
| | | Section A.9. HP Web Services |
| | | Section A.10. IAIK |
| | | Section A.11. IBM |
| | | Section A.12. Infomosaic |
| | | Section A.13. JDSS II |
| | | Section A.14. Mather |
| | | Section A.15. Microsoft |
| | | Section A.16. NEC |
| | | Section A.17. Phaos Technology |
| | | Section A.18. Poupou |
| | | Section A.19. RSA Security |
| | | Section A.20. Siggen |
| | | Section A.21. Verisign |
| | | Section A.22. W3C |
| | | Section A.23. WebSig |
| | | Section A.24. Wedgetail |
| | | Section A.25. XML Sec |
|
| | | Appendix B. The W3C and W3C Documents |
| | | Section B.1. Access to W3C Documents |
| | | Section B.2. W3C Document Status |
| | | Section B.3. W3C Document Format |
| | | Section B.4. W3C Document Disclaimer |
| | | Section B.5. W3C Software Disclaimer |
|
| | | Appendix C. The IETF and IETF Documents |
| | | Section C.1. RFC Status |
| | | Section C.2. Access to RFCs |
| | | Section C.3. RFC Format |
|
| | | Appendix D. The NIST and NIST Documents |
| | | Section D.1. Access to NIST FIPS Documents |
| | | Section D.2. Status of NIST Documents |
| | | Section D.3. Format of FIPS |
|
| | | Appendix E. The Paper and Protocol Points of View |
| | | Section E.1. The Basic Points of View |
| | | Section E.2. Questions of Meaning |
| | | Section E.3. Processing Models |
| | | Section E.4. Security and Canonicalization |
| | | Section E.5. Unique Internal Labels |
| | | Section E.6. Examples |
| | | Section E.7. Resolution of the Points of View |
|
| | | Appendix F. SOAP Encoding Schema |
| | | References and Acronyms |
|