Chapter 10. XML Signatures and Authentication

XML digital authentication is accomplished by means of XML data structures called digital signatures, as described in this chapter.


For simplicity, readability, and historical reasons, the term "signature" in this book usually refers to the general class of digital authentication values. Strictly speaking, "digital signature" refers to authentication values based on public key systems. Symmetric secret key authentication values are more properly called "authentication codes"; this book uses that term, or "authenticator," when referring to that type of authentication.

After an introduction to the XML Digital Signatures standard [XMLDSIG] in Section 10.1, Section 10.2 discusses the detailed syntax of digital signatures. Section 10.3 gives four examples of their use. You can read Sections 10.2 and 10.3 in either order, depending on whether you prefer to learn first from examples or from detailed specifications.

The signed data processing model and the Transforms element are sufficiently important that they are described separately in Section 10.4.

Section 10.5 provides the processing rules for signature generation and verification.

Section 10.6 examines a number of warning and security considerations in the use of XML digital signatures.

Secure XML(c) The New Syntax for Signatures and Encryption
Secure XML: The New Syntax for Signatures and Encryption
ISBN: 0201756056
EAN: 2147483647
Year: 2005
Pages: 186 © 2008-2017.
If you may any questions please contact us: