Java Specification Request

JSR 106: XML Digital Encryption APIs

StatusWithdrawn
JCP version2.1
JSPA version1.0

Reason: Withdrawn at the request of the Specification Lead.

Description

This JSR is to define a standard set of APIs for XML digital encryption services. This proposal is to define and incorporate the high level implementation independent Java APIs.

Please direct comments on this JSR to the Spec Lead(s).

Stage timeline

Stage Access Start Finish
Withdrawn 04 May, 2010
Public Review Download page 12 Dec, 2005 11 Jan, 2006
Community Draft Ballot View results 29 Mar, 2005 04 Apr, 2005
Community Review Login page 01 Mar, 2005 04 Apr, 2005
Expert Group Formation 13 Mar, 2001
JSR Review Ballot View results 27 Feb, 2001 12 Mar, 2001

Team

Specification Leads

  • Bruce RichIBM

Expert Group

  • Apache Software Foundation
  • BEA Systems
  • Betrusted Inc.
  • Hewlett-Packard
  • IAIK Graz University of Technology
  • IBM
  • Motorola
  • Netegrity Inc.
  • Oracle
  • Sun Microsystems, Inc.
  • Sybase

Proposal

This JSR has been Withdrawn.

Reason: Withdrawn at the request of the Specification Lead.

Original Java Specification Request (JSR)

Identification | Request | Contributions

Section 1. Identification

Submitting Member: IBM

Name of Contact Person: Anthony Nadalin or Maxine Erlund

E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com, Maxine Erlund - maxine.erlund@eng.sun.com

Telephone Number: Anthony Nadalin - +1 512 436 9568, Maxine Erlund - +1 408 517 5486

Fax Number: Anthony Nadalin - +1 512 838 3823, Maxine Erlund - +1 408 863 3155

Specification Lead: Anthony Nadalin

E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com

Telephone Number: Anthony Nadalin - +1 512 436 9568

Fax Number: Anthony Nadalin - +1 512 436 9568

Initial Expert Group Membership:
(Please provide company or organization names. Note that expert group members must have signed the JSPA.)

IBM - Anthony Nadalin



Section 2: Request

2.1 Please describe the proposed Specification:

This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document.

2.2 What is the target Java platform? (i.e., desktop, server, personal, embedded, card, etc.)

JDK 2 SDK, Standard Edition, V 1.3 and above

2.3 What need of the Java community will be addressed by the proposed specification?

Today there is no standard set of APIs for XML digital encryption services. This JSR provides a Java API to the XML Digital encryption services.

2.4 Why isn't this need met by existing specifications?

There is no existing specification in JDK 2 SDK for accessing XML Digital Encryption via a standard set of APIs.

2.5 Please give a short description of the underlying technology or technologies:

This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. The representation of the encrypted data and keying material must be both efficient and flexible while using existing functionality within J2SE. XML encryption must provide consistency and compatibility with exiting XML Digital Signature specification as defined by the W3C.

2.6 Is there a proposed package name for the API Specification? (i.e., javapi.something, org.something, etc.)

javax.security.xml.enc

2.7 Does the proposed specification have any dependencies on specific operating systems, CPUs, or I/O devices that you know of?

NO

2.8 Are there any security issues that cannot be addressed by the current security model?

NO

2.9 Are there any internationalization or localization issues?

NO

2.10 Are there any existing specifications that might be rendered obsolete, deprecated, or in need of revision as a result of this work?

NO

2.11 Please describe the anticipated schedule for the development of this specification.

I'd like to propose a 9-12 week schedule, with 2-3 internal review cycles within that timeframe:

6/1 Release API docs and preliminary spec.
9/25 Comments on first draft due
10/16 2nd draft released
10/30 Comments on 2nd draft due
11/13 3rd draft released (if necessary)
11/27 Comments on 3rd draft due (if necessary)
12/04 Community drafft released





Section 3: Contributions

3.1 Please list any existing documents, specifications, or implementations that describe the technology. Please include links to the documents if they are publicly available.

W3C/IETF XML Signature specification http://www.w3.org/2000/09/xmldsig

Java Cryptography Extension http://java.sun.com/products/jce

PKCS Specifications http://www.rsasecurity.com/rsalabs/pkcs/index.html

3.2 Explanation of how these items might be used as a starting point for the work.

These documents describe the XML Digital signature standard developed by the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF), this describes the basic element format and also the Java Cryptography Extension that can be used to form the bases of a set of Java APIs.