XML Digital Signatures
A digital signature (not to be confused with a digital certificate) is the electronic equivalent of a written signature. It is used by distributed applications to authenticate the identity of the sender of a message or document. It also ensures that the message or document is unchanged.
The XML digital signature specification defines an optional XML element that facilitates the inclusion of a digital signature within an XML document. It provides any web service with the ability to ensure data integrity, authentication, and nonrepudiation with any other web service.
In addition to specifying syntax, the specification makes recommendations about the types of data that require a digital signature. The most thought-provoking recommendation relates to the signing of visual items (such as Cascading Style Sheets and browser plug-ins) that are external to the XML data itself, but will eventually be used to render the XML data. As a rule, the specification recommends that if the representation of XML data is for visual display, then to preserve validity of the signed information over time, both the XML data and the items applied for visual representation should be signed. The specification suggests that this recommendation should be applied to nonvisual renderings, such is audio, as well.
Here is a digitally signed version of
PO.xml
. The purchase order
information is unchanged, but the document is much larger; most of it
now consists of a
<Signature>
element: ...
Get Java Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.