ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

W3C-XMLDSIG-CORE-2

W3C XMLDSig Core 2 abandoned revision effort.

Definition

XMLDSig 2.0 ambitions vs XML Signature 1.1: (1) Simplification: reduction option matrix complexity, (2) Streaming Signatures: support generate/validate stream-based signatures for processing large XML documents without loading full DOM memory, (3) Performance optimizations: reduce canonicalization overhead, (4) Security improvements: address padding oracle vulnerabilities, mandate use AEAD ciphers, deprecate weak algorithms. Status: last Working Draft 24 January 2013, W3C XML Security Working Group closed 19 December 2014, XMLDSig 2.0 never reached Recommendation status. Results: industry continues XML Signature 1.1 + modern organisations prefer JOSE JSON Object Signing and Encryption (JWS JSON Web Signature, JWE JSON Web Encryption) JSON-based alternatives + new SD-JWT, Verifiable Credentials VC W3C standards for structured signatures.

Origin

W3C XML Security Working Group XMLDSig 2.0 effort 2010-2014 ; last Working Draft 24 January 2013 ; WG closed 19 December 2014 ; XMLDSig 2.0 never reached Recommendation.

Example in context

No known production XMLDSig 2.0 implementation ; modern organisations use XML Signature 1.1 (XML legacy use cases) or migrate JWS JWE JSON-based signatures (REST APIs, JWT tokens, Verifiable Credentials).

Last updated: May 16, 2026