Saml parsing validating
Saml parsing validating
These key words are not used (capitalized) to describe XML grammar; schema definitions unambiguously describe such requirements and we wish to reserve the prominence of these terms for the natural language descriptions of protocols and features.
Obviously, the term is also strictly used to refer to authentication values that are based on public keys and that provide signer authentication.
No provision is made for an explicit version number in this syntax.
If a future version is needed, it will use a different namespace.
The XML Signature is a method of associating a key with referenced data (octets); it does not normatively specify how keys are associated with persons or institutions, nor the meaning of the data being referenced and signed.
Consequently, while this specification is an important component of secure XML applications, it itself is not sufficient to address all application security/trust concerns, particularly with respect to using signed XML (or other data formats) as a basis of human-to-human communication and agreement.
This document has been reviewed by W3C Members and other interested parties and has been endorsed by the Director as a W3C Recommendation.
It is a stable document and may be used as reference material or cited as a normative reference from another document.
An XML Signature may be applied to the content of one or more resources.
Enveloped or enveloping signatures are over data within the same XML document as the signature; detached signatures are over data external to the signature element.
When specifically discussing authentication values based on symmetric secret key codes we use the terms authenticators or authentication codes.
(See Check the Security Model, section 8.3.) This specification provides an XML Schema [XML-schema] and DTD [XML]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in RFC2119 [KEYWORDS]: Consequently, we use these capitalized key words to unambiguously specify requirements over protocol and application features and behavior that affect the interoperability and security of implementations.
For resources not under the control of this specification, we use the designated Uniform Resource Names [URN] or Uniform Resource Locators [URL] defined by its normative external specification.