JSRs: Java Specification Requests
JSR 106: XML Digital Encryption APIs
Section 1. Identification
Submitting Member: IBM
Name of Contact Person: Anthony Nadalin or Maxine Erlund
E-Mail Address: Anthony Nadalin -, Maxine Erlund -
Telephone Number: Anthony Nadalin - +1 512 436 9568, Maxine Erlund - +1 408 517 5486
Fax Number: Anthony Nadalin - +1 512 838 3823, Maxine Erlund - +1 408 863 3155
Specification Lead: Anthony Nadalin
E-Mail Address: Anthony Nadalin - firstname.lastname@example.org
Telephone Number: Anthony Nadalin - +1 512 436 9568
Fax Number: Anthony Nadalin - +1 512 436 9568
Initial Expert Group Membership:
IBM - Anthony Nadalin
Section 2: Request
2.1 Please describe the proposed Specification:
This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document.
2.2 What is the target Java platform? (i.e., desktop, server, personal, embedded, card, etc.)
JDK 2 SDK, Standard Edition, V 1.3 and above
2.3 What need of the Java community will be addressed by the proposed specification?
Today there is no standard set of APIs for XML digital encryption services. This JSR provides a Java API to the XML Digital encryption services.
2.4 Why isn't this need met by existing specifications?
There is no existing specification in JDK 2 SDK for accessing XML Digital Encryption via a standard set of APIs.
2.5 Please give a short description of the underlying technology or technologies:
This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. The representation of the encrypted data and keying material must be both efficient and flexible while using existing functionality within J2SE. XML encryption must provide consistency and compatibility with exiting XML Digital Signature specification as defined by the W3C.
2.6 Is there a proposed package name for the API Specification? (i.e., javapi.something, org.something, etc.)
2.7 Does the proposed specification have any dependencies on specific operating systems, CPUs, or I/O devices that you know of?
2.8 Are there any security issues that cannot be addressed by the current security model?
2.9 Are there any internationalization or localization issues?
2.10 Are there any existing specifications that might be rendered obsolete, deprecated, or in need of revision as a result of this work?
2.11 Please describe the anticipated schedule for the development of this specification.
I'd like to propose a 9-12 week schedule, with 2-3 internal review cycles within that timeframe:
6/1 Release API docs
and preliminary spec.
Section 3: Contributions
3.1 Please list any existing documents, specifications, or implementations that describe the technology. Please include links to the documents if they are publicly available.
W3C/IETF XML Signature specification http://www.w3.org/2000/09/xmldsig
Java Cryptography Extension http://java.sun.com/products/jce
PKCS Specifications http://www.rsasecurity.com/rsalabs/pkcs/index.html
3.2 Explanation of how these items might be used as a starting point for the work.
These documents describe the XML Digital signature standard developed by the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF), this describes the basic element format and also the Java Cryptography Extension that can be used to form the bases of a set of Java APIs.