This draft has been approved for publication by the IETF and the document is currently in the IETF RFC-Editors que for publication as RFC.
Progress in the publication process is available here: https://datatracker.ietf.org/doc/draft-santesson-svt
This is the working area for the draft of Signature Validation Token (SVT) currently being processed in the IETF independent submission stream.
An orientation to the subject is available in the following presentation: https://youtu.be/IEJBmHJklHY
Current working draft for the SVT specification is located in the folder:
- svt-main for the main protocol (including profiles for XML, PDF and JWS)
The latest compiled version of the main draft is located in the this root directory.
Note: That the latest working version found here normally is a later version than the last version submitted to the IETF.
Latest draft submitted to the IETF:
Deprecated documents:
Profiles for XML, PDF and JWS were previously specified in their own independent drafts. These are now moved to the main document. The old deprecated profiles drafts are kept for reference here:
- svt-xml previous XML profile drafts
- svt-pdf previous PDF profile drafts
- svt-jws previous JWS profile drafts
Implementation of version 1.0 of this specification is available as open source. This open source is free to use under the Apache 2.0 license.
| Repo | Description |
|---|---|
| https://github.com/idsec-solutions/sig-validation-svt | ore components for generation and validation of Signature Validation Tokens |
| https://github.com/idsec-solutions/sig-validation-base | SVT enhanced signature validation and functions to extend XML and PDF documents with SVT tokens. |
A reference implementation is available at: https://sandbox.swedenconnect.se/sigval/. This implementation validates elecronic signatures against the EU trusted list (TSL) as well as validatin based on SVT and provides the capability to extend XML and PDF docuemtns with SVT tokens.
This is the preliminary repository for developing drafts related to signature validation tokens intended for standardization and publication as an IETF standards track RFC.
This repository may be replaces at a later stage with a repository assigned by the IETF.
Contributions are wellcome either by
- submitting issues
- by providing pull requests
- by sending e-mail to the authors (see current draft for author contact info)
Each draft folder has a build script for building the txt drafts
This requires locally installed kramdown-rfc2629 (https://github.com/cabo/kramdown-rfc2629) and xml2rfc (https://xml2rfc.tools.ietf.org/).
- Build the draft to be submitted
- Rename draft to the appropriate version number and remove "-SNAPSHOT" from name.
- Create a published/draft-nn folder inside the target draft folder and place relevant markdown and text document of the submited version.
- Update the version number of the current working draft.
- Create a new release of the Github repo.
Create an issue in the repo
If issue is a minor issue: fix the issue in master and close the issue
If the issue is a substantial issue:
- Create a branch named after the issue
- Fix the issue
- Create a pull request and request review
- Iterate until issue is resolved
- Merge to master and close the issue
Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to:
- The IETF plenary session
- The IESG, or any member thereof on behalf of the IESG
- Any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under IETF auspices
- Any IETF working group or portion thereof
- Any Birds of a Feather (BOF) session
- The IAB or any member thereof on behalf of the IAB
- The RFC Editor or the Internet-Drafts function
- All IETF Contributions are subject to the rules of RFC 5378 and RFC 3979 (updated by RFC 4879).
Statements made outside of an IETF session, mailing list or other function, that are clearly not intended to be input to an IETF activity, group or function, are not IETF Contributions in the context of this notice.
Please consult RFC 5378 and RFC 3979 for details.
A participant in any IETF activity is deemed to accept all IETF rules of process, as documented in Best Current Practices RFCs and IESG Statements.
A participant in any IETF activity acknowledges that written, audio and video records of meetings may be made and may be available to the public.