ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




XML might become standard for digital signatures

July 14, 1999
Web posted at: 8:58 a.m. EDT (1258 GMT)

by Sandra Gittlen

Network World Fusion
Novell and Microsoft agree on XML-based standard

OSLO, NORWAY (IDG) -- The Internet Engineering Task Force and the World Wide Web Consortium (W3C) combined forces at the 45th IETF meeting in Oslo this week to develop a strategy for supporting digital signatures on the Web.

The joint working group wants to employ XML to make digital signatures, which use public and private key encryption to identify users, universally accessible.

Creating an XML standard for the technology is important because XML applications are on the rise, says working group co-chair Joseph Reagle, a technology and society policy analyst at the W3C. Companies are using XML forms for loans and other documents and need to be able to access applicants' signatures through various applications, he says. "Anyone that cares about authentication will care about [digital signatures]," he adds.
  Network World Fusion home page
  Free Network World Fusion newsletters
 Reviews & in-depth info at
 *'s bridges & routers page's hubs & switches page
 *'s network operating systems page's network management software page
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for network experts
  Search in 12 languages

The standard will specify a set of XML tags that labels the digital signature as a cryptographic identifier and maps it to the appropriate Web resource such as a certificate vendor's URL for verification.

Reagle says the XML approach works with current encryption technologies such as X.509 or PGP certificates.

The working group hopes to have a standard ready by year-end.

But Paul Hoffman, director of the Internet Mail Consortium, says XML digital signatures have an obstacle.

Hoffman says digital signatures are not catching on because people don't trust third parties such as encryption vendors to verify signatures. "It's the trust that's the problem, not the format," he says.

The government should be the trusted third party, he says. But the chances of that happening are slim. The U.S. government does not want to be the administrator of a signature database, Hoffman concedes.

The alternative is for banks or the U.S. Postal Service to hand out digital signatures as an extension to their traditional services, he says.

XML: The online-catalog solution
June 8, 1999
XML comes of age at Internet World
April 16, 1999
XML for the absolute beginner
April 2, 1999

NIST allows agencies to use commercial digital signature
(Federal Computer Week)
Europe in Digital-Signature Drama
(The Industry Standard)
States Endorse Digital Signature Bill
EU approves digital signature framework
Year 2000 World
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

The W3C's XML signature page
The IETF's Digital Signature Working Group site
Net Resources: XML
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.