The importance of electronic signatures is obvious, not only for people and companies doing electronic business, but for nonprofit organizations and individuals as well. Everybody who cares about trust and security in data storage and processing wants a way to sign their documents or data and to validate the signature of some second or third party. Thus the electronic signature is an important security component that can be used to protect information and provide trust in the modern electronic world.
In this article we are talking about signing XML documents, though the same XML signature mechanism can be used to sign any type of data. An XML signature may be detached from or attached to the signed data. In the latter case the signature is said to be enveloping when it contains the signed data within itself, or enveloped when it is a part of the document containing the signed data.
In principle, a way to sign digital documents was available before XAdES was issued. It was defined in the W3C Recommendation for XML Signature Syntax and Processing, called XML-DSig. So why should anybody bother with XAdES, the new standard for XML signatures? The answer is simple: XAdES defines some extensions and specifications for XML-DSig to provide some advanced features. More specifically, XAdES defines six precise profiles in addition to XML-DSig. These profiles are XAdES, XAdES-T, XAdES-C, XAdES-X, XAdES-X-L and XAdES-A. Each subsequent profile adds some properties to the previous one. The first profile, XAdES itself, adds properties to the basic XML-DSig signature. You can read XAdES specifications here.
How It Works
The basic XML signature, defined in XML-DSig, consists of a Signature element in the http://www.w3.org/2000/09/xmldsig# namespace. The structure of this element is as follows:
    <Signature>
      <SignedInfo>
        <CanonicalizationMethod />
        <SignatureMethod />
        <Reference>
          <Transforms />
          <DigestMethod />
          <DigestValue />
        </Reference>
        <Reference />
        <!-- etc.: further Reference elements -->
      </SignedInfo>
      <SignatureValue />
      <KeyInfo />
      <Object />
    </Signature>

This form of digital signature may be considered a minimal form. It can satisfy some basic requirements, but it lacks most of the features introduced by the XAdES standard, which we will discuss in the following sections.
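Before trusting a signature, a verifier needs to know which data each Reference actually covers. The following is an added example, not code from the original article: it walks the Signature structure shown above and labels every Reference as detached, enveloping or enveloped, the three placements described earlier. The sample document, its element names and the Id-attribute lookup are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DS}

def classify_references(xml_text):
    """Return [(URI, kind)] for each Reference of the first ds:Signature."""
    root = ET.fromstring(xml_text)
    sig = root if root.tag == f"{{{DS}}}Signature" else root.find(".//ds:Signature", NS)
    if sig is None:
        raise ValueError("no ds:Signature element found")
    results = []
    for ref in sig.findall("ds:SignedInfo/ds:Reference", NS):
        uri = ref.get("URI")
        if uri is None:
            kind = "application-defined"   # receiver must know the data by other means
        elif uri == "":
            kind = "enveloped"             # the whole document holding the signature
        elif uri.startswith("#"):
            # Assumption: attributes named Id/ID/id are identifiers (no schema here).
            target = next((e for e in root.iter()
                           if uri[1:] in (e.get("Id"), e.get("ID"), e.get("id"))), None)
            if target is None:
                kind = "unresolved"
            elif any(e is target for e in sig.iter()):
                kind = "enveloping"        # data sits inside Signature, e.g. in Object
            elif any(e is sig for e in target.iter()):
                kind = "enveloped"         # Signature sits inside the signed element
            else:
                kind = "detached"          # same document, but outside the Signature
        else:
            kind = "detached"              # external resource
        results.append((uri, kind))
    return results

def _ref(uri, transforms=""):              # builds one Reference for the sample
    return (f'<ds:Reference URI="{uri}">{transforms}'
            '<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>'
            '<ds:DigestValue>AAAA</ds:DigestValue></ds:Reference>')
ENV = f'<ds:Transforms><ds:Transform Algorithm="{DS}enveloped-signature"/></ds:Transforms>'
# Constructed sample: names, URIs and the AAAA values are placeholders, not real data.
SAMPLE = (f'<Order xmlns:ds="{DS}"><Item Id="item-1">widget</Item><ds:Signature><ds:SignedInfo>'
          '<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>'
          '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
          + _ref("", ENV) + _ref("#note-1") + _ref("#item-1") + _ref("https://example.com/contract.pdf")
          + '</ds:SignedInfo><ds:SignatureValue>AAAA</ds:SignatureValue>'
          '<ds:Object Id="note-1">approved</ds:Object></ds:Signature></Order>')

if __name__ == "__main__":
    print(*classify_references(SAMPLE), sep="\n")
```

The function only inspects structure; it does not check digests or the signature value, and anything in the document that no Reference points to is not covered by the signature.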