XML, or Extensible Markup Language, is a language used to create
common data formats and document structures and share both the
format and the data on the web or intranets. It is similar to the
HTML language of web sites.
However, it is considered as more flexible because it uses
unlimited markup symbols and not a standard format, thus enabling
individuals or organisations to create their own customised
languages for the exchange of specific types of data.
Technologies for encrypting XML documents already exist. The XML
Encryption Syntax and Processing and the Decryption Transform for
XML Signature, which were approved by the W3C yesterday, are
different because they are the only specifications that, when used
together, enable web sites to sign and encrypt selected portions of
data such as credit card numbers.
The specifications, according to the W3C, provide a way to
identify parts of an XML document that may have been secured by the
author, so that these parts can be recognised and encrypted.
According to the W3C, XML encryption is already utilised by many
applications and even more companies are planning to implement it.
The group expects that the two specifications will be particularly
used for securing payloads in web services.
Details about the two specifications can be found at:
www.w3.org/2002/12/xenc-pressrelease
