Find JSRs
Submit this Search


Ad Banner
 
 
 
 

JSRs: Java Specification Requests
JSR 106: XML Digital Encryption APIs

This JSR has been Withdrawn
Reason: Withdrawn at the request of the Specification Lead.

Original Java Specification Request (JSR)

Identification | Request | Contributions

Section 1. Identification

Submitting Member: IBM

Name of Contact Person: Anthony Nadalin or Maxine Erlund

E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com, Maxine Erlund - maxine.erlund@eng.sun.com

Telephone Number: Anthony Nadalin - +1 512 436 9568, Maxine Erlund - +1 408 517 5486

Fax Number: Anthony Nadalin - +1 512 838 3823, Maxine Erlund - +1 408 863 3155

Specification Lead: Anthony Nadalin

E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com

Telephone Number: Anthony Nadalin - +1 512 436 9568

Fax Number: Anthony Nadalin - +1 512 436 9568

Initial Expert Group Membership:
(Please provide company or organization names. Note that expert group members must have signed the JSPA.)

IBM - Anthony Nadalin



Section 2: Request

2.1 Please describe the proposed Specification:

This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document.

2.2 What is the target Java platform? (i.e., desktop, server, personal, embedded, card, etc.)

JDK 2 SDK, Standard Edition, V 1.3 and above

2.3 What need of the Java community will be addressed by the proposed specification?

Today there is no standard set of APIs for XML digital encryption services. This JSR provides a Java API to the XML Digital encryption services.

2.4 Why isn't this need met by existing specifications?

There is no existing specification in JDK 2 SDK for accessing XML Digital Encryption via a standard set of APIs.

2.5 Please give a short description of the underlying technology or technologies:

This JSR is to define a standard set of APIs for XML digital encryption services. XML Encryption can be used to perform fine-grained, element-based encryption of fragments within an XML Document as well as encrypt arbitrary binary data and include this within an XML document. The representation of the encrypted data and keying material must be both efficient and flexible while using existing functionality within J2SE. XML encryption must provide consistency and compatibility with exiting XML Digital Signature specification as defined by the W3C.

2.6 Is there a proposed package name for the API Specification? (i.e., javapi.something, org.something, etc.)

javax.security.xml.enc

2.7 Does the proposed specification have any dependencies on specific operating systems, CPUs, or I/O devices that you know of?

NO

2.8 Are there any security issues that cannot be addressed by the current security model?

NO

2.9 Are there any internationalization or localization issues?

NO

2.10 Are there any existing specifications that might be rendered obsolete, deprecated, or in need of revision as a result of this work?

NO

2.11 Please describe the anticipated schedule for the development of this specification.

I'd like to propose a 9-12 week schedule, with 2-3 internal review cycles within that timeframe:

6/1 Release API docs and preliminary spec.
9/25 Comments on first draft due
10/16 2nd draft released
10/30 Comments on 2nd draft due
11/13 3rd draft released (if necessary)
11/27 Comments on 3rd draft due (if necessary)
12/04 Community drafft released





Section 3: Contributions

3.1 Please list any existing documents, specifications, or implementations that describe the technology. Please include links to the documents if they are publicly available.

W3C/IETF XML Signature specification http://www.w3.org/2000/09/xmldsig

Java Cryptography Extension http://java.sun.com/products/jce

PKCS Specifications http://www.rsasecurity.com/rsalabs/pkcs/index.html

3.2 Explanation of how these items might be used as a starting point for the work.

These documents describe the XML Digital signature standard developed by the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF), this describes the basic element format and also the Java Cryptography Extension that can be used to form the bases of a set of Java APIs.