scope:

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

Amendment 1 to ISO/IEC 24727-4:2008 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identificaition.

XML encodings have become more and more used in the field of IAS (Identity, Authentication and (digital) Signature), Identity Management and general networking communication. To enhance interoperability with existing networking systems and federated identification and authorization systems (e.g. SAML, OpenID, etc.) standardization of an XML representation of the API and data structures of ISO/IEC 24727-3 is essential.

In order to support this addition to the ISO/IEC 24727-3 scope, the relevant stack configurations in ISO/IEC 24727-4 will be updated and/or amended. The rules governing the use of various marshalling/un-marshalling procedures will be aligned with the amendment to ISO/IEC 24727-3.

This Amendment has been prepared to:

1. Extend and update as necessary the stack configurations to address the XML representation such that it is compatible with the relevant XML-based standards (e.g. SAML).

2. Clarify use of secure messaging.

3. As a result of Amendments under development for other parts of 24727, portions of this standard may be deleted and referenced.

4. Consider additional forms of secure messaging and consider separating the security of information transferred across a general network versus security of information transferred across the card interface.

5. Refine TC_API to allow channel initiation for various mechanisms; e.g. web service communication (SOAP PAOS), AJAX.

6. Update the current XML specifications to align with ISO and not import 3 party schemas e.g. OASIS.

7. Remove ambiguities by elaborating and re-specifying concepts that may not be clear in the current standard.

8. Incorporate concepts that are captured in other parts of ISO/IEC 24727 but are more relevant for ISO/IEC 24727-4.

9. Include C and Java bindings in a Normative Annex (for C) and an Informative Annex (Java); moved from Part 5

10. Consider relocating data structure generation to the local machine level; e.g. remote ICC Stack

Note: A hybrid numbering scheme for new figures and tables is used (e.g. Figure 7-1) in order to fit more seamlessly with the original document; i.e. to NOT require many modifications to simply change figure and table numbers.