Template Version: @(#)onepager.txt 1.35 07/11/07 SMI
Copyright 2007 Sun Microsystems

1. Introduction
    1.1. Project/Component Working Name:
         libxmlsec
    1.2. Name of Document Author/Supplier:
         William Young
    1.3. Date of This Document:
         06/ /09 // MM/DD/YY
        1.3.1. Date this project was conceived:
               11/07/07
    1.4. Name of Major Document Customer(s)/Consumer(s):
        1.4.1. The PAC or CPT you expect to review your project:
               Solaris PAC
        1.4.2. The ARC(s) you expect to review your project:
               LSARC
        1.4.3. The Director/VP who is "Sponsoring" this project:
               Kathy.Jenks@sun.com
        1.4.4. The name of your business unit:
               Solaris Security
    1.5. Email Aliases:
        1.5.1. Responsible Manager: Craig.Payne@sun.com
        1.5.2. Responsible Engineer: William.Young@sun.com
        1.5.3. Marketing Manager: Mark.Thacker@sun.com
        1.5.4. Interest List: valex-core@sun.com

2. Project Summary
    2.1. Project Description:
         Libxmlsec is a C library that implements XML Digital Signature
         and XML Encryption. It is based on libxml[1], which is already
         integrated in the SFW consolidation. With the integration of
         libxmlsec, applications that use XML can take advantage of XML
         standards for integrity and privacy.

    2.2. Risks and Assumptions:
         As an open community project, it is always possible that
         decisions will be made that affect interfaces. But libxmlsec
         has a historical track record back to 2002 that shows this has
         been relatively unlikely since it reached maturity in 2003.

         Since libxmlsec is dependent on libxml2 and openssl, API changes
         in these underlying libraries can require a corresponding
         libxmlsec update.

3. Business Summary
    The Signed Execution project at a minimum needs the ability to
    verify XML-DSIG signatures from other vendors. While an understanding
    of a specific subset of the standard could be hard-coded, there would
    be no benefit and considerable risks of incompatibility relative to
    importing libxmlsec and making it generally available.

    The availability of libxmlsec creates opportunities to improve
    security for other Solaris components that already use XML, and makes
    Solaris a richer platform for application development in areas like
    secure transactions.

    3.1. Problem Area:
         Creating and verifying assurances of integrity and secrecy
         within XML has broad applications. It is most applicable when a
         combination of interoperability and "data at rest" or end-to-end
         integrity or secrecy is needed. For example, it is used by
         OpenOffice to secure ODF documents and to secure transaction
         protocols where later repudiation makes simple transport
         security inappropriate.

    3.2. Market/Requester:
         The Signed Execution project is the primary requester of this
         feature.

    3.3. Business Justification:
    3.4. Competitive Analysis:
    3.5. Opportunity Window/Exposure:
    3.6. How will you know when you are done?:
         libxmlsec will be available on Solaris.
         Solaris components that compile against libxml2 can also compile
         against libxmlsec.
         The libxmlsec library will be accessible before filesystem/usr
         is available.

4. Technical Description:
    4.1. Details:
         The libxmlsec source code tarball will be in the SFW gate and
         use a build harness similar to other libxml2 libraries. It will
         be configured and compiled with only its libxmlsec-openssl
         module to support OpenSSL as the underlying encryption library.

         The libxmlsec-openssl crypto module is libxmlsec's default
         module, is MIT licensed and can make use of Sun's OpenSSL crypto
         engine to use the Userland Encryption Framework. Legal approval
         for this usage is covered by OSR 7806.

         A follow-up ARC case may be filed after RFE#6479874 integrates
         in our OpenSSL implementation to improve crypto engine usage.

         A future ARC case could also switch us from using the OpenSSL
         module to a new module with more direct access to the crypto
         framework. Such a module would first need to be integrated in
         the community project.

    4.2. Bug/RFE Number(s):
         6663027 Using XMLDSig and libxmlsec in Solaris

    4.3. In Scope:
         The libxmlsec and libxmlsec-openssl libraries, headers and
         utility commands (xmlsec1, xmlsec1-config) of libxmlsec.

         The move of libxslt from /usr/lib to /lib, as libxmlsec and
         therefore libxslt will be needed by early Validated
         Execution[5].

    4.4. Out of Scope:
         Support for NSS keystores or usage of gnutls, or libnss in place
         of OpenSSL as the underlying encryption provider.

    4.5. Interfaces:
         The libxslt[4] library is relocated to /lib but otherwise has
         the same status.

         The provided commands and underlying crypto provider are
         Volatile and could change based on new bits from the upstream
         community and changes to the Solaris selection of crypto
         providers.

         The use of libxmlsec is Uncommitted. In the unlikely event that
         the upstream community changes an existing interface, means of
         remediation will be investigated.

         Include files, Uncommitted:
             usr/include/xmlsec/transforms.h
             usr/include/xmlsec/errors.h
             usr/include/xmlsec/crypto.h
             usr/include/xmlsec/xmlenc.h
             usr/include/xmlsec/xmlsec.h
             usr/include/xmlsec/buffer.h
             usr/include/xmlsec/exports.h
             usr/include/xmlsec/app.h
             usr/include/xmlsec/xmltree.h
             usr/include/xmlsec/xkms.h
             usr/include/xmlsec/io.h
             usr/include/xmlsec/keysmngr.h
             usr/include/xmlsec/keyinfo.h
             usr/include/xmlsec/bn.h
             usr/include/xmlsec/version.h
             usr/include/xmlsec/membuf.h
             usr/include/xmlsec/keysdata.h
             usr/include/xmlsec/keys.h
             usr/include/xmlsec/dl.h
             usr/include/xmlsec/nodeset.h
             usr/include/xmlsec/xmldsig.h
             usr/include/xmlsec/strings.h
             usr/include/xmlsec/templates.h
             usr/include/xmlsec/x509.h
             usr/include/xmlsec/list.h
             usr/include/xmlsec/base64.h
             usr/include/xmlsec/soap.h
             usr/include/xmlsec/parser.h

         pkgconfig data, Volatile:
             usr/lib/pkgconfig/xmlsec1.pc
             usr/lib/pkgconfig/xmlsec1-openssl.pc

         automake data, Volatile:
             usr/share/aclocal/xmlsec1.m4

         Root Libraries + links, Uncommitted:
             lib/libxmlsec1.so
             lib/libxmlsec1.so.1
             lib/amd64/libxmlsec1.so
             lib/amd64/libxmlsec1.so.1
             lib/sparcv9/libxmlsec1.so
             lib/sparcv9/libxmlsec1.so.1
             lib/libxmlsec1-openssl.so
             lib/libxmlsec1-openssl.so.1
             lib/amd64/libxmlsec1-openssl.so
             lib/amd64/libxmlsec1-openssl.so.1
             lib/sparcv9/libxmlsec1-openssl.so
             lib/sparcv9/libxmlsec1-openssl.so.1

         Library access via /usr links
           Uncommitted:
             usr/lib/libxmlsec1.so
             usr/lib/libxmlsec1.so.1
             usr/lib/amd64/libxmlsec1.so
             usr/lib/amd64/libxmlsec1.so.1
             usr/lib/sparcv9/libxmlsec1.so
             usr/lib/sparcv9/libxmlsec1.so.1
           Volatile:
             usr/lib/libxmlsec1-openssl.so
             usr/lib/libxmlsec1-openssl.so.1
             usr/lib/amd64/libxmlsec1-openssl.so
             usr/lib/amd64/libxmlsec1-openssl.so.1
             usr/lib/sparcv9/libxmlsec1-openssl.so
             usr/lib/sparcv9/libxmlsec1-openssl.so.1

         Commands, Volatile:
             usr/bin/xmlsec1-config
             usr/bin/xmlsec1

    4.6. Doc Impact:
         Import from community:
             xmlsec1(1)
             xmlsec1-config(1)
         New:
             libxmlsec(3)

    4.7. Admin/Config Impact:
         None. (No configuration.)

    4.8. HA Impact:
         None. (No daemon or configuration.)

    4.9. I18N/L10N Impact:
         Similar to other libxml2 based libraries, such as libxslt[4],
         libxmlsec provides a CLI utility primarily used for testing,
         which is not localized in the upstream project and will not be
         localized in Solaris.

    4.10. Packaging & Delivery:
         The following new packages:

         SUNWlxmlsecr
             lib/libxmlsec1.so
             lib/libxmlsec1.so.1
             lib/amd64/libxmlsec1.so
             lib/amd64/libxmlsec1.so.1
             lib/sparcv9/libxmlsec1.so
             lib/sparcv9/libxmlsec1.so.1
             lib/libxmlsec1-openssl.so
             lib/libxmlsec1-openssl.so.1
             lib/amd64/libxmlsec1-openssl.so
             lib/amd64/libxmlsec1-openssl.so.1
             lib/sparcv9/libxmlsec1-openssl.so
             lib/sparcv9/libxmlsec1-openssl.so.1

         SUNWlxmlsec
             usr/bin/xmlsec1
             usr/lib/libxmlsec1.so
             usr/lib/libxmlsec1.so.1
             usr/lib/amd64/libxmlsec1.so
             usr/lib/amd64/libxmlsec1.so.1
             usr/lib/sparcv9/libxmlsec1.so
             usr/lib/sparcv9/libxmlsec1.so.1
             usr/lib/libxmlsec1-openssl.so
             usr/lib/libxmlsec1-openssl.so.1
             usr/lib/amd64/libxmlsec1-openssl.so
             usr/lib/amd64/libxmlsec1-openssl.so.1
             usr/lib/sparcv9/libxmlsec1-openssl.so
             usr/lib/sparcv9/libxmlsec1-openssl.so.1

         SUNWlxmlsec-devel
             usr/include/xmlsec/transforms.h
             usr/include/xmlsec/errors.h
             usr/include/xmlsec/crypto.h
             usr/include/xmlsec/xmlenc.h
             usr/include/xmlsec/xmlsec.h
             usr/include/xmlsec/buffer.h
             usr/include/xmlsec/exports.h
             usr/include/xmlsec/app.h
             usr/include/xmlsec/xmltree.h
             usr/include/xmlsec/xkms.h
             usr/include/xmlsec/io.h
             usr/include/xmlsec/keysmngr.h
             usr/include/xmlsec/keyinfo.h
             usr/include/xmlsec/bn.h
             usr/include/xmlsec/version.h
             usr/include/xmlsec/membuf.h
             usr/include/xmlsec/keysdata.h
             usr/include/xmlsec/keys.h
             usr/include/xmlsec/dl.h
             usr/include/xmlsec/nodeset.h
             usr/include/xmlsec/xmldsig.h
             usr/include/xmlsec/strings.h
             usr/include/xmlsec/templates.h
             usr/include/xmlsec/x509.h
             usr/include/xmlsec/list.h
             usr/include/xmlsec/base64.h
             usr/include/xmlsec/soap.h
             usr/include/xmlsec/parser.h
             usr/lib/pkgconfig/xmlsec1.pc
             usr/lib/pkgconfig/xmlsec1-openssl.pc
             usr/share/aclocal/xmlsec1.m4
             usr/bin/xmlsec1-config

         SUNWlxslr
             lib/libxslt.so.1
             lib/libxslt.so
             lib/llib-lxslt.ln
             lib/amd64/libxslt.so.1
             lib/amd64/libxslt.so
             lib/amd64/llib-lxslt.ln
             lib/sparcv9/libxslt.so.1
             lib/sparcv9/libxslt.so
             lib/sparcv9/llib-lxslt.ln

         Modifications:

         SUNWlxsl
             usr/lib/libxslt.so.1 becomes a link to lib/libxslt.so.1
             usr/lib/amd64/libxslt.so.1 becomes a link to
                 lib/amd64/libxslt.so.1
             usr/lib/sparcv9/libxslt.so.1 becomes a link to
                 lib/sparcv9/libxslt.so.1

         SUNWlxsl-devel
             usr/lib/llib-lxslt.ln becomes a link to lib/llib-lxslt.ln
             usr/lib/amd64/llib-lxslt.ln becomes a link to
                 lib/amd64/llib-lxslt.ln
             usr/lib/sparcv9/llib-lxslt.ln becomes a link to
                 lib/sparcv9/llib-lxslt.ln

    4.11. Security Impact:
         Introduction of libxmlsec has no immediate security
         ramifications. Buffer overflows in libxmlsec or dependencies
         like libxml2 could lead to vulnerabilities when it is used to
         manipulate untrusted content, so careful review is warranted.

    4.12. Dependencies:
         libxmlsec is dependent on libxml2[1], libxslt[4] and OpenSSL.

5. Reference Documents:
    [1] http://sac.eng/Archives/CaseLog/arc/PSARC/2001/175/
        "PSARC/2001/175 Using XML and libxml in Solaris"
        libxml2's ARC case
    [2] http://sac.sfbay/PSARC/2001/488/
        "UEF: Userland Encryption Framework"
        Encryption framework ARC case
    [3] http://www.aleksey.com/xmlsec/
        "XML Security Library"
        libxmlsec's Community homepage
    [4] http://sac.sfbay/PSARC/2002/244/
        "Using XSLT and libxslt in Solaris"
        libxslt's ARC case
    [5] http://sac.sfbay/PSARC/2007/674/
        "Enabling Early Signature Validation"
        Relocation of libxml2 and related libraries to /lib

6. Resources and Schedule:
    6.1. Projected Availability:
         September 2009
    6.2. Cost of Effort:
         3-6 employee-months
    6.3. Cost of Capital Resources:
         $0
    6.4. Product Approval Committee requested information:
        6.4.1. Consolidation or Component Name:
               SFW
        6.4.3. Type of CPT Review and Approval expected:
               FastTrack
        6.4.4. Project Boundary Conditions:
               // Give the document's URL http://....
        6.4.5. Is this a necessary project for OEM agreements:
               No.
        6.4.6. Notes:
               // See dependencies section above.
        6.4.7. Target RTI Date/Release:
               August 2009
        6.4.8. Target Code Design Review Date:
               July 2009
        6.4.9. Update approval addition:
               This project is not targeting an Update Release.
    6.5. ARC review type:
         FastTrack
    6.6. ARC Exposure:
         open
        6.6.1. Rationale:

7. Prototype Availability:
    7.1. Prototype Availability:
         Prototype compiles libxmlsec in the SFW gate and builds example
         SYSV packages.
    7.2. Prototype Cost:
         1 person-month