The Web’s leading standards group approved two XML encryption specifications, a move that promises to boost the development of secure Web services.
The two specs, XML Encryption Syntax and Processing and Decryption Transform for XML Signature, will enable Web pages using Extensible Markup Language to encrypt parts of a document being exchanged between Web sites, the World Wide Web Consortium said.
While other methods exist for encrypting XML documents, the W3C’s specifications make it possible to encrypt selected sections or elements of a document–for instance, a credit card number entered in an XML form.
“This provides a way to identify parts of an XML document that may be secured by the author, so you can choose the parts that are most important and encrypt those,” said W3C representative Janet Daly.
The new specifications are expected to help speed the development of Web services built on XML, code that lets developers create specialized languages for exchanging specific types of data.
The W3C’s encryption work comes as part of a larger push to publish standards relevant to the Web services trend. The consortium earlier this year weathered criticism that it was slow to develop Web services, but has since published a wide array of Web services-related drafts.
The XML encryption technology was developed by the W3C’s encryption working group, consisting of companies such as Microsoft, Motorola, IBM, Sun Microsystems, VeriSign and BEA Systems, among others.
By Jim Hu
Staff Writer, CNET News.com
December 10, 2002