Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Confidential
Government of the Republic of Trinidad and Tobago National Information and Communications Technology Company Limited
e-Government Omnibus Technical Standards
29 June 2012
Version 2.3 e-Government Omnibus Technical Standards
e-Government Omnibus Technical Standards
Confidential Page i
Version Log
Version Number and Date List of Changes Page Numbers
1.0 November 24, 2010
2.0 February 09, 2011 Old standards updated and new ones included
2.1 April 20, 2011 a) Minor changes b) new items included a) 70 b) 71, 73, 74
2.2 May 2, 2011 Editing and formatting of the table of contents ii
2.3 June 29, 2012 Document review
e-Government Omnibus Technical Standards
Confidential Page ii
Table of Contents
1 INTRODUCTION 1
2 NETWORKING 1
2.1 802.3AH 2 2.2 802.AD 3 2.3 DSL 4 2.4 IP V4 5 2.5 IP V6 6 2.6 PPP 7 2.7 TCP 8 2.8 UDP 9 2.9 IEEE 802.11B 10 2.10 IEEE 802.11G 11 2.11 IEEE 802.11N 12 2.12 HTTP V1.1 13 2.13 HTTPS 14 2.14 FTP 15 2.15 FTPS 16 2.16 HTTP V1.1 17 2.17 HTTPS 18 2.18 SFTP 19 2.19 NTP V4 20 2.20 LDAP V3.0 21 2.21 DNS 22 2.22 SCP 23
3 DATA INTEGRATION 23
3.1 PLAIN TEXT (.TXT) 24 3.2 HTML V4.01 25 3.3 HTML V5 26 3.4 MICROSOFT WORD 2003 (.DOC) 27 3.5 OPEN OFFICE XML 28 3.6 OPENDOCUMENT 29 3.7 PDF 30 3.8 RICH TEXT FORMAT V1.9.1 31 3.9 DELIMITED TEXT 32 3.10 HTML V4.01 33 3.11 HTML V5 34 3.12 MICROSOFT EXCEL 2003 (.XLS) 35 3.13 OPEN OFFICE XML 36 3.14 OPENDOCUMENT 37 3.15 PDF 38 3.16 HTML V4.01 39 3.17 HTML V5 40 3.18 MICROSOFT POWERPOINT 2003 (.PPT) 41 3.19 OPEN OFFICE XML 42 3.20 OPENDOCUMENT 43 3.21 PDF 44 3.22 HTML V4.01 45 3.23 HTML V5 46 3.24 MICROSOFT PROJECT 2003 (.MPP) 47 3.25 PDF 48 3.26 DELIMITED TEXT 49
e-Government Omnibus Technical Standards
Confidential Page iii
3.27 AUTOCAD DXF (.DXF) 50 3.28 DWG (.DWG) 51 3.29 PDF 52 3.30 ECW 53 3.31 GIF89A 54 3.32 JPEG 55 3.33 OPENDOCUMENT 56 3.34 PNG 57 3.35 TIFF V6.0 58 3.36 OPENDOCUMENT 59 3.37 SVG V1.1 60 3.38 HTML V4.01 61 3.39 HTML V5 62 3.40 XFORMS 1.1 63 3.41 XHTML V1.1 64 3.42 APPLE QUICKTIME (.AVI, .MOV, .QT) 65 3.43 FLASH 66 3.44 MIDI (.MID) 67 3.45 MP3 68 3.46 MPEG-1 69 3.47 MPEG-2 70 3.48 MPEG-4 71 3.49 OGG VORBIS 72 3.50 REALAUDIO/REALVIDEO (.RA, .RAM, .RM, .RMM) 73 3.51 SHOCKWAVE (.SWF) 74 3.52 WAVEFORM AUDIO FORMAT (.WAV) 75 3.53 WINDOWS MEDIA FORMATS (.ASF, .WMA, .WMV) 76 3.54 ASCII 77 3.55 UNICODE V6.0.0 78 3.56 UTF-16 79 3.57 UTF-8 80 3.58 BZIP2 81 3.59 7-ZIP 82 3.60 GNU ZIP 83 3.61 TAPE ARCHIVER (TAR) 84 3.62 ZIP 85 3.63 XML V1.0 86 3.64 XML SCHEMA 87 3.65 XSLT V1.0 88 3.66 XSLT V2.0 89 3.67 MICROSOFT EXCEL 2010 (.XLSX) 90 3.68 MICROSOFT POWERPOINT 2010 (.PPTX) 91 3.69 MICROSOFT PROJECT 2010 (.MPP) 92 3.70 MICROSOFT WORD 2010 (.DOCX) 93
4 APPLICATION / PRESENTATION 94
4.1 UML V2.3 94 4.2 XMI V2.1.1 95 4.3 IMAP V4 96 4.4 MIME 97 4.5 POP3 98 4.6 S/MIME 99 4.7 SMTP 100 4.8 AJAX 101 4.9 CSS LEVEL 2 (CSS2) 102 4.10 CSS LEVEL 3 (CSS3) 103 4.11 XSLT V1.0 104
e-Government Omnibus Technical Standards
Confidential Page iv
4.12 XSLT V2.0 105 4.13 ATOM 106 4.14 RSS V2.0 107 4.15 RTP 108 4.16 SIP 109 4.17 FRAME RELAY 110 4.18 WEBDAV 111 4.19 SECURE SHELL 112 4.20 TELNET 113 4.21 H.323 114 4.22 RTCP 115 4.23 RTP 116 4.24 SIP 117
5 SECURITY 117
5.1 XML ENCRYPTION 118 5.2 X.509 119 5.3 XML SIGNATURE 120 5.4 KERBEROS V4 121 5.5 KERBEROS V5 122 5.6 SAML V2.0 123 5.7 WS-FEDERATION V1.2 124 5.8 WS-SECURECONVERSATION V1.4 125 5.9 WS-SECURITY V1.1 126 5.10 WS-SECURITYPOLICY V1.2 127 5.11 WS-TRUST V1.4 128 5.12 WSS V1.1 129 5.13 XACML 130 5.14 SHA-1 131 5.15 SHA-256 132 5.16 SHA-512 133 5.17 DSA 134 5.18 IPSEC 135 5.19 FTPS 136 5.20 HTTPS 137 5.21 SFTP 138 5.22 SSL V3 139 5.23 TLS V1.0 140 5.24 WEP 141 5.25 WPA 142 5.26 3DES 143 5.27 AES 144 5.28 RSA V2.1 145 5.29 ISO/IEC 14443 146 5.30 ISO/IEC 7816 147 5.31 PGP 148
6 WEB SERVICES 148
6.1 ASAP V1.0 149 6.2 EBXML REGISTRY 3.0 150 6.3 MTOM 151 6.4 SOAP 1.2 152 6.5 SOAP WITH ATTACHMENTS 153 6.6 SPML 154 6.7 UDDI V3.0 155 6.8 WS-ADDRESSING 156 6.9 WS-ATOMICTRANSACTION V1.1 157
e-Government Omnibus Technical Standards
Confidential Page v
6.10 WS-BPEL V2.0 158 6.11 WS-BUSINESSACTIVITY 159 6.12 WS-CAF 160 6.13 WS-CDL 161 6.14 WS-COORDINATION V1.1 162 6.15 WS-DISCOVERY 163 6.16 WS-ENUMERATION 164 6.17 WS-EVENTING 165 6.18 WS-FEDERATION V1.2 166 6.19 WS-INSPECTION 167 6.20 WS-MANAGEABILITY 168 6.21 WS-MESSAGEDELIVERY 169 6.22 WS-METADATAEXCHANGE 170 6.23 WS-NOTIFICATION V1.3 171 6.24 WS-POLICY V1.5 172 6.25 WS-RELIABILITY V1.1 173 6.26 WS-RELIABLEMESSAGING 174 6.27 WS-SECURECONVERSATION V1.4 175 6.28 WS-SECURITY V1.1 176 6.29 WS-SECURITYPOLICY V1.2 177 6.30 WS-TRANSFER 178 6.31 WS-TRUST V1.4 179 6.32 WSDL V1.1 180 6.33 WSDL V2.0 181 6.34 WSDM 182 6.35 WSRP V2.0 183 6.36 WSS V1.1 184
7 SYSTEM CONFIGURATION 184
7.1 DESKTOP COMPUTER (STANDARD) 185 7.2 DESKTOP COMPUTER (ADVANCED) 186 7.3 GRAPHICS WORK STATION 187 7.4 LAPTOP (STANDARD) 188 7.5 LAPTOP (ADVANCED) 189
e-Government Omnibus Technical Standards
Confidential Page 1
1 Introduction
This set of eGovernment Omnibus Technical Standards forms a part of the e-GIF and identifies the stand-ards that systems should comply with in order to be comlpiant with the e-GIF. Standards are categorised into five main categories: Networking, Data Integration, Application / Presentation, Security and Web Services. These categories correspond with layers in the model presented in the e-GIF. A specific standard may fit into more than one category.
Standards are classified in terms of the maturity of their use within Trinidad and Tobago Government sys-tems:
Under Observation means that the standard is either on the list to consider or is under active consideration. If you are interested in it, please contact the working group responsible for main-taining the standards.
Approved means that the standard has been adopted for use within the T&T public sector. See the description for more information.
Deprecated means that the standard is still in use within the T&T public sector. However, it has been superseded and should not be used on new projects. See the description for more information.
Withdrawn means that the standard has either been rejected at initial consideration, or withdrawn from use for security or other reasons. All users should move off withdrawn standards.
Wikipedia is often included as the last reference in the description of a standard. Wikipedia is a com-munity-maintained encyclopedia, and so the quality of entries varies according to the knowledge of the author. It often provides more readable descriptions of standards than the standards documents them-selves, but should never be relied on as a primary source of information.
2 Networking
Networking and interconnection for the first layer of interoperability. Networking within the e-GIF is based on the use of TCP/IP networking. Interconnectivity involves the use of high-level standards such as HTTP for web access and FTP for file transfer. Within a single network, or where linking two networks using the same proprietary technologies, proprietary protocols may be used.
Allowing networks to interoperate without adding in a layer of security is usually dangerous. The security layer therefore serves to secure this layer.
Standards in this Section
Network Protocol
e-Government Omnibus Technical Standards
Confidential Page 2
2.1 802.3ah
Description 802.ah (Ethernet in the First Mile or EFM) is a collection of protocols defining the use of Ethernet in access networks. This allows Ethernet to be used over wide area networks, eliminating the need to convert to other wide area networking formats. 802.3ah can be used within Metro Ethernet networks. 802.3ah is described in Section 5 of the IEEE 802.3 specification
Categories Network Protocol
Classification Adopted
Usage Guidance 802.3ah can be used to provide Metro Ethernet networks.
References Title URL
IEEE specification http://standards.ieee.org/getieee802/download/802.3-2005_section5.pdf
Wikipedia http://en.wikipedia.org/wiki/802.3ah
Related TTGOV Documents
Rationale for Selection 802.3ah is in use in the health sector in TTGOV and is suitable for wider use.
Applicability G2C G2B G2G
Last Changed 21 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 3
2.2 802.ad
Description IEEE 802.3ad is a link aggregation standard which describes using multiple Ethernet net-work cables or ports in parallel to increase the link speed beyond the limits of any one sin-gle cable or port, and to increase the redundancy for higher availability. 802.3ad can be used within Metro Ethernet networks. 802.3ad is described in Section 3 (clause 43) of the IEEE 802.3 specification.
Categories Network Protocol
Classification Adopted
Usage Guidance 802.3ad can be used to aggregate links on Metro Ethernet networks.
References Title URL
IEEE specification http://standards.ieee.org/getieee802/download/802.3-2005_section3.pdf
Wikipedia http://en.wikipedia.org/wiki/802.3ad
Related TTGOV Documents
Rationale for Selection 802.3ad is in use in the health sector in TTGOV and is suitable for wider use.
Applicability G2C G2B G2G
Last Changed 21 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 4
2.3 DSL
Description The Digital Subscriber Line (DSL or xDSL) family of protocols provides digital data trans-mission over the wires of a local telephone network. With suitable filtering, DSL can be used at the same time and on the same line as an analogue telephone as it uses frequen-cies above 25 kHz, while regular telephone uses lower frequencies. Asymmetric DSL (ADSL) is described in ANSI standard T1.413 and ITU Recommendation G.992.1 and is the most widely used version of DSL for Internet access. It allows a faster downlink by lim-iting the speed of the uplink. This suits web browsing, where the client browser usually re-ceives far more data than it sends.
Categories Network Protocol
Classification Adopted
Usage Guidance DSL is the preferred technology for carrying digital signals over the same cable as ana-logue telephone calls.
References Title URL
ANSI http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
ITU Specification http://www.itu.int/rec/T-REC-G.992.1/en
Wikipedia http://en.wikipedia.org/wiki/XDSL
Related TTGOV Documents
Rationale for Selection DSL is a widely used, mature standard for carrying data over analogue phone lines.
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 5
2.4 IP v4
Description Internet Protocol version 4 (IPv4) is a data-oriented protocol to be used on a packet switched internetwork (e.g., Ethernet). It is a best effort delivery protocol in that it does not guarantee delivery, nor does it assure proper sequencing, or avoid duplicate delivery. These aspects are addressed by an upper layer protocol (e.g. TCP, and partly by UDP). IPv4 does, however, provide data integrity protection through the use of packet check-sums.
Categories Network Protocol
Classification Adopted
Usage Guidance IPv4 is still the dominant protocol on the Internet, and so all equipment should be capable of supporting it. New equipment should also support IPv6.
References Title URL
Internet Protocol Specifica-tion RFC791
http://tools.ietf.org/html/rfc791
Wikipedia http://en.wikipedia.org/wiki/IPv4
Related TTGOV Documents
Rationale for Selection IPv4 is the dominant protocol on the Internet.
Applicability G2C G2B G2G
Last Changed 6 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 6
2.5 IP v6
Description Internet Protocol version 6 (IPv6) is an Internet Layer protocol for packet-switched inter-networks. IPv4 is currently the dominant Internet Protocol version, and was the first to re-ceive widespread use. The Internet Engineering Task Force (IETF) has designated IPv6 as the successor to version 4 for general use on the Internet. IPv6 has a much larger address space than IPv4, which provides flexibility in allocating addresses and routing traffic. The extended address length (128 bits) is intended to eliminate the need for network address translation to avoid address exhaustion, and also simplifies aspects of address assignment and renumbering, when changing Internet connectivity providers.
Categories Network Protocol
Classification Adopted
Usage Guidance New procurements should specify IPv6 support so that migration will be easier when the time comes.
References Title URL
Recommendation for the IP Next Generation Protocol RFC1752
http://tools.ietf.org/html/rfc1752
Wikipedia http://en.wikipedia.org/wiki/IPv6
Related TTGOV Documents
Rationale for Selection The IPv4 address space is becoming depleted. Although steps have been taken to mitigate this, IPv6 is seen as the longer term solution.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 7
2.6 PPP
Description In networking, the Point-to-Point Protocol, or PPP, is a data link protocol commonly used to establish a direct connection between two networking nodes. It can provide connection authentication and can also provide transmission encryption privacy and compression. Most Internet service providers (ISPs) use PPP for customer dial-up access to the Internet. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used by ISPs to connect Digital Subscriber Line (DSL) Internet service.
Categories Network Protocol
Classification Adopted
Usage Guidance
References Title URL
Specification http://tools.ietf.org/html/rfc1661.txt
Wikipedia http://en.wikipedia.org/wiki/Point-to-Point_Protocol
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 19 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 8
2.7 TCP
Description The Transmission Control Protocol (TCP) is one of the core protocols of the Internet Proto-col Suite. Whereas IP handles lower-level transmissions from computer to computer as a message makes its way across the Internet, TCP operates at a higher level, concerned only with the two end systems, for example a Web browser and a Web server. In particular, TCP provides reliable, ordered delivery of a stream of bytes from one program on one computer to another program on another computer. Besides the Web, other common ap-plications of TCP include e-mail and file transfer. Among its management tasks, TCP con-trols message size, the rate at which messages are exchanged, and network traffic con-gestion.
Categories Network Protocol
Classification Adopted
Usage Guidance No specific guidance.
References Title URL
Specification http://www.ietf.org/rfc/rfc0793.txt
Wikipedia http://en.wikipedia.org/wiki/Transmission_Control_Protocol
Related TTGOV Documents
Rationale for Selection TCP is a standard part of the Internet protocol stack.
Applicability G2C G2B G2G
Last Changed 09 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 9
2.8 UDP
Description User Datagram Protocol (UDP) is one of the core protocols of the Internet Protocol Suite. Using UDP, programs on networked computers can send short messages sometimes known as datagrams to one another. UDP does not guarantee reliability or ordering in the way that TCP does. Datagrams may arrive out of order, appear duplicated, or go missing without notice. Avoiding the overhead of checking whether every packet actually arrived makes UDP faster and more efficient for applications that do not need guaranteed delivery. Time-sensitive applications often use UDP because data in dropped packets will often be replaced by more recent data at a later time, and so dropped packets are preferable to delayed packets. UDP's stateless nature is also useful for servers that answer small queries from huge numbers of clients. Unlike TCP, UDP is compatible with packet broadcast (sending to all on local network) and multi-casting (send to all subscribers).
Categories Network Protocol
Classification Adopted
Usage Guidance UDP should only be used in the specific cases where its limitations do not matter. Usually, the application will select between TCP and UDP as the underlying protocol.
References Title URL
Specification http://www.ietf.org/rfc/rfc0768
Wikipedia http://en.wikipedia.org/wiki/User_Datagram_Protocol
Related TTGOV Documents
Rationale for Selection UDP is a standard part of the Internet protocol stack.
Applicability G2C G2B G2G
Last Changed 9 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 10
Wireless LAN
2.9 IEEE 802.11b
Description IEEE 802 is a specification for wireless LANs. Over a period of time, new and higher per-formance protocols have been added to the standard. 802.11b provides a data rate of 11Mbps, although actual throughput will be substantially below this. It was the first of the protocols to have been widely adopted.
Categories Wireless LAN
Classification Deprecated
Usage Guidance 802.11b has been superseded by 802.11g and the upcoming 802.11n. It should only be used as afallback when the newer and faster protocols are not available.
References Title URL
IEEE Specification http://standards.ieee.org/getieee802/download/802.11-2007.pdf
Wikipedia http://en.wikipedia.org/wiki/802.11b
Related TTGOV Documents
Rationale for Selection The 802.11 standard is ubiquitous for wireless networking.
Applicability G2C G2B G2G
Last Changed 10 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 11
2.10 IEEE 802.11g
Description IEEE 802 is a specification for wireless LANs. Over a period of time, new and higher per-formance protocols have been added to the standard. 802.11g provides a data rate of 54Mbps, although actual throughputs will be substantially below this.
Categories Wireless LAN
Classification Adopted
Usage Guidance 802.11g has been superseded by 802.11. It should only be used when the newer and fast-er protocols are not available.802.11g is a standardise offering and so all equipment bought should be capable of supporting this.
References Title URL
IEEE Specification http://standards.ieee.org/getieee802/download/802.11-2007.pdf
Wikipedia http://en.wikipedia.org/wiki/802.11g
Related TTGOV Documents
Rationale for Selection The 802.11g standard is ubiquitous for wireless networking.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 12
2.11 IEEE 802.11n
Description IEEE 802 is a specification for wireless LANs. Over a period of time, new and higher per-formance protocols have been added to the standard. 802.11n provides a data rate of 600Mbps, although actual throughputs will be substantially below this.
Categories Wireless LAN
Classification Adopted
Usage Guidance 802.11g is currently the fastest standardised offering and so all equipment bought should be capable of supporting this. Newer wireless equipment supports this standard of the faster 802.11n and can fall back to 802.11g and 802.11b support. Some manufacturers guarantee that a free firmware upgrade will be available to enable equipment to meet the final 802.11n standard. Such equipment is acceptable for use within TTGOV.
References Title URL
IEEE Specification http://standards.ieee.org/getieee802/download/802.11-2007.pdf
Wikipedia http://en.wikipedia.org/wiki/802.11n
Related TTGOV Documents
Rationale for Selection The 802.11n standard is ubiquitous for wireless networking.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 13
Data Transfer
2.12 HTTP v1.1
Description Hypertext Transfer Protocol (HTTP) is a communications protocol for the transfer of infor-mation on the Internet. Its use for retrieving inter-linked text documents (hypertext) led to the establishment of the World Wide Web. The current version is 1.1.
Categories Data Transfer File Transfer
Classification Adopted
Usage Guidance HTTP v1.1 should be used as the protocol for accessing web sites. It may also be offered as an alternative to FTP for downloading files, but should not be the only protocol offered for that purpose.
References Title URL
Specification http://www.ietf.org/rfc/rfc2616
Wikipedia http://en.wikipedia.org/wiki/Http
Related TTGOV Documents
Rationale for Selection HTTP is ubiquitous for web access, and frequently used for file transfer.
Applicability G2C G2B G2G
Last Changed 10 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 14
2.13 HTTPS
Description Strictly speaking, HTTPS is not a separate protocol, but refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Lay-er Security (TLS) connection. It provides a layer of encryption of the data being transmit-ted.
Categories Data Transfer Transport Level Security File Transfer
Classification Adopted
Usage Guidance HTTPS should be used instead of a simple HTTP connection when sensitive data is being transferred.
References Title URL
HTTP Specification http://www.ietf.org/rfc/rfc2616
SSL Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS Specification http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Https
Related TTGOV Documents
Rationale for Selection Although not a protocol itself, people often refer to HTTPS. It is in very common use.
Applicability G2C G2B G2G
Last Changed 1 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 15
File Transfer
2.14 FTP
Description FTP is a file transfer protocol for exchanging and manipulating files over a TCP computer network. A FTP client may connect to a FTP server to manipulate files on that server. As there are many FTP client and server programs available for different operating systems, FTP is a popular choice for exchanging files independent of the operating systems in-volved.
Categories File Transfer
Classification Deprecated
Usage Guidance FTP is the standard protocol for file transfer over TCP/IP networks. HTTP can also be used for this purpose, but should only be offered in addition to FTP. FTP can be used in either active or passive modes. Active mode is harder to block through firewalls as it can use an arbitrary port number. Forthis reason, passive mode is preferred.
References Title URL
Specification http://www.ietf.org/rfc/rfc959.txt
Wikipedia http://en.wikipedia.org/wiki/Ftp
Related TTGOV Documents
Rationale for Selection FTP is the standard protocol for file transfer over TCP/IP networks.
Applicability G2C G2B G2G
Last Changed 10 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 16
2.15 FTPS
Description Strictly speaking, FTPS is not a separate protocol, but refers to the combination of a nor-mal FTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. It provides a layer of encryption of the data being transmitted. FTPS should be when you have a server that needs to be accessed from personal devices (smartphones, PDAs, and the like) or from some specific operating systems that have FTP support but don't have SSH/SFTP clients. If you are building a custom security solution, SFTP is probably the better option.
Categories File Transfer Transport Level Security
Classification Adopted
Usage Guidance Either FTPS or SFTP should be considered where encryption is required for an FTP con-nection.
References Title URL
FTP Specification http://www.ietf.org/rfc/rfc959.txt
SSL Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS Specification http://www.ietf.org/rfc/rfc2246.txt
RFC "Securing FTP with TLS"
http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Ftps
What to Choose http://www.codeguru.com/csharp/.net/net_general/internet/article.php/c14329
Related TTGOV Documents
Rationale for Selection FTPS is a widely used, mature, protocol.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 17
2.16 HTTP v1.1
Description Hypertext Transfer Protocol (HTTP) is a communications protocol for the transfer of infor-mation on the Internet. Its use for retrieving inter-linked text documents (hypertext) led to the establishment of the World Wide Web. The current version is 1.1.
Categories Data Transfer File Transfer
Classification Adopted
Usage Guidance HTTP v1.1 should be used as the protocol for accessing web sites. It may also be offered as an alternative to FTP for downloading files, but should not be the only protocol offered for that purpose.
References Title URL
Specification http://www.ietf.org/rfc/rfc2616
Wikipedia http://en.wikipedia.org/wiki/Http
Related TTGOV Documents
Rationale for Selection HTTP is ubiquitous for web access, and frequently used for file transfer.
Applicability G2C G2B G2G
Last Changed 10 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 18
2.17 HTTPS
Description Strictly speaking, HTTPS is not a separate protocol, but refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Lay-er Security (TLS) connection. It provides a layer of encryption of the data being transmit-ted.
Categories Data Transfer Transport Level Security File Transfer
Classification Adopted
Usage Guidance HTTPS should be used instead of a simple HTTP connection when sensitive data is being transferred.
References Title URL
HTTP Specification http://www.ietf.org/rfc/rfc2616
SSL Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS Specification http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Https
Related TTGOV Documents
Rationale for Selection Although not a protocol itself, people often refer to HTTPS. It is in very common use.
Applicability G2C G2B G2G
Last Changed 1 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 19
2.18 SFTP
Description the SSH File Transfer Protocol (SFTP) is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. Compared to the SCP protocol, which allows only file transfers, the SFTP protocol allows for a range of operations on re-mote files. An SFTP client's extra capabilities compared to an SCP client include resuming interrupted transfers, directory listings, and remote file removal. Although widely imple-mented, the specification is still in draft form.
Categories File Transfer
Transport Level Security
Classification Under Observation
Usage Guidance Either FTPS or SFTP should be considered where encryption is required for an FTP con-nection.
References Title URL
Specification http://tools.ietf.org/html/draft-ietf-secsh-filexfer-10
Wikipedia http://en.wikipedia.org/wiki/SSH_file_transfer_protocol
Related TTGOV Documents
Rationale for Selection SFTP is a widely used, mature, protocol.
Applicability G2C G2B G2G
Last Changed 24 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 20
Time Synchronisation
2.19 NTP v4
Description The Network Time Protocol (NTP) is a protocol for distributing the Coordinated Universal Time (UTC) by means of synchronizing the clocks of computer systems over packet-switched, variablelatency data networks. This release of the NTP Version 4 (NTPv4) distri-bution for Unix, VMS and Windows incorporates new features and refinements, but retain-ing backwards compatibility with older versions, including NTPv3 and NTPv2, but not NTPv1. Support for NTPv1 has been discontinued because of certain security vulnerabili-ties
Categories Web Services
Classification Under Observation
Usage Guidance NTP should be used for distributing time information. However NTPv4 has not been an approved standard. If this protocol has to be used then the NTPv3 should be considered as there are official specifications for this protocol.
References Title URL
Specification http://www.ietf.org/rfc/rfc2030.txt
Wikipedia http://en.wikipedia.org/wiki/Network_Time_Protocol
Understanding and using the Network Time Protocol
http://www.ntp.org/ntpfaq/NTP-a-faq.htm
Related TTGOV Documents
Rationale for Selection In many cases, it is important that the clocks of computers are synchronised. This pre-vents, for example, applications getting confused when the response to a message is timestamped by a remote computer as being sent before the original message was sent.
Applicability G2C G2B G2G
Last Changed 26 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 21
Directory Access
2.20 LDAP v3.0
Description LDAP (Lightweight Directory Access Protocol) is an Internet protocol that is used for gen-eral purpose directory user access. It provides a mechanism for querying and modifying information that resides in a directory information tree. Thus, it allows e-mail and other pro-grammes to look up information from a server. It is an open network protocol so the type of server hosting the directory is not important.
Categories Directory Access
Classification Adopted
Usage Guidance LDAP should be used throughout TTGOV.
References Title URL
Specification Roadmap http://www.ietf.org/rfc/rfc4510.txt
The Protocol http://www.ietf.org/rfc/rfc4511.txt
Directory Information Models http://www.ietf.org/rfc/rfc4512.txt
Authentication Methods and Security Mechanisms
http://www.ietf.org/rfc/rfc4513.txt
String Representation of Dis-tinguished Names
http://www.ietf.org/rfc/rfc4514.txt
String Representation of Search Filters
http://www.ietf.org/rfc/rfc4515.txt
Uniform Resource Locator http://www.ietf.org/rfc/rfc4516.txt
Syntaxes and Matching Rules
http://www.ietf.org/rfc/rfc4517.txt
Internationalized String Preparation
http://www.ietf.org/rfc/rfc4518.txt
Schema for User Applica-tions
http://www.ietf.org/rfc/rfc4519.txt
Wikipedia http://en.wikipedia.org/wiki/Ldap
Related TTGOV Documents
Rationale for Selection LDAP is the dominant directory access protocol supported by all the major directory soft-ware providers. Version 3 is the latest version and has been widely adopted.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 22
2.21 DNS
Description The DNS (Domain Name System) is an Internet service that translates domain names into IP addresses. The Internet is based on numeric IP addresses. Because domain names are alphanumeric, they can be made easier to remember. Whenever someone uses a domain name, it must be translated. TTGOV name servers may be subject to attacks and appro-priate steps should be taken to cater for this.
Categories Domain Name Service
Classification Adopted
Usage Guidance DNS should be used throughout TTGOV.
References Title URL
Concepts and Facilities http://www.ietf.org/rfc/rfc1034.txt
Implementation and Specifica-tion
http://www.ietf.org/rfc/rfc1035.txt
Clarification to the DNS Speci-fication
http://www.ietf.org/rfc/rfc2181.txt
Wikipedia http://en.wikipedia.org/wiki/Domain_Name_System
Related TTGOV Documents
Rationale for Selection DNS is ubiquitous for domain name resolution on the Internet.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 23
Session Control
2.22 SCP
Description SCP (Session Control Protocol) is a simple protocol which allows a server and client to have multiple conversations over a single TCP connection.
Categories Session Control
Classification Under Observation
Usage Guidance
References Title URL
Description http://www.w3.org/Protocols/HTTP-NG/http-ng-scp.html
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
3 Data Integration
The Data Integration category includes standards relating to the format of the data being transferred. It includes standards for character sets and character encodings, as well as file format types and stand-ards for data message formatting, data message definition and data transformation.
In general, information from databases will be exchanged in an agreed XML format. There are some cases, explained in the "delimited text" section, where other formats may be appropriate. No standards are provid-ed for native database formats since a variety of databases are in use and exchanging data in a native data-base format will be done by agreement between the parties. For interworking within the Government space, some proprietary protocols are allowed. This allows the full power of applications that are in use throughout TTGOV to be used, while more open formats are specified for use when interoperating with the public.
Standards in this Section
e-Government Omnibus Technical Standards
Confidential Page 24
Unformatted File Type
3.1 Plain Text (.txt)
Description Plain, unformatted text files. The only control characters allowed are those in the ASCII character set (line feed, tab etc). There is no restriction on the character set for printable characters.
Categories Unformatted File Type
Classification Adopted
Usage Guidance This is a "lowest common denominator" format that can be used when there is no more structured format available for an interaction. For an even higher level of compatibility, the sending application can restrict its character set to the ASCII set.
References Title URL
Specification http://tools.ietf.org/html/rfc4880.txt
Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection This simple format can be imported into most word processing packages, email software and other tools.
Applicability G2C G2B G2G
Last Changed 30 September 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 25
Word Processor Document File Type
3.2 HTML v4.01
Description HTML standards for HyperText Markup Language, and is the predominant markup lan-guage for Web pages. It provides a means to describe the structure of text-based infor-mation in a document — by denoting certain text as links, headings, paragraphs, lists, and so on — and to supplement that text with interactive forms, embedded images, and other objects. HTML is written in the form of tags, surrounded by angle brackets. HTML can in-clude embedded scripting language code (such as JavaScript) which can affect the behav-iour of Web browsers and other HTML processors.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Adopted
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way.
References Title URL
HTML 4.01 Specification http://www.w3.org/TR/html401/
Wikipedia http://en.wikipedia.org/wiki/Html
Related TTGOV Documents
Rationale for Selection HTML 4.01 is the latest approved version of HTML and is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 2 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 26
3.3 HTML v5
Description HTML v5 is an extension of the existing HTML specification to express the semantics of many of the non-document types of content often seen on the Web. For instance, forum sites, auction sites, search engines, online shops, and the like, which do not fit the document metaphor well.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Under Observation
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way. HTML 5 cannot be ren-dered on all browers at this time
References Title URL
HTML v5 Working Draft http://www.w3.org/TR/html5/
Related TTGOV Documents
Rationale for Selection HTML 5 is the latest version of HTML but is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 27
3.4 Microsoft Word 2003 (.doc)
Description Microsoft Word 2003 is the word processor used within TTGOV. It uses a proprietary file format.
Categories Word Processor Document File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a documetn may not have support for the same fonts as were used to create it. It may be necessary to choose the option to save the fonts with the document to ensure that the re-cipient sees the document as intended.
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, such as macros, is preserved.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 28
3.5 Open Office XML
Description Office Open XML (OOXML) is a file format for representing spreadsheets, charts, presen-tations and word processing documents. An Office Open XML document file contains mainly XML based files compressed within a zip package. It should not be confused with OpenDocument or OpenOffice, which is a format used by early version of Sun's Star Of-fice. Open Office XML was introduced by Microsoft with Office 2007. It has since been adopted as a standard by ECMA and is going through the ISO standardisation process.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type
Classification Under Observation
Usage Guidance Open Office XML can be used by bi-lateral agreement. However, in general, documents produced with Microsoft Office 2007 should be saved in Microsoft Office 2003 formats if they are to be shared.
References Title URL
ISO/IEC PRF 29500-1 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51463
ISO/IEC PRF 29500-2 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51459
ISO/IEC PRF 29500-3 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51461
ISO/IEC PRF 29500-4 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51462
ECMA specification http://www.ecma-international.org/publications/standards/Ecma-376.htm
Related TTGOV Documents
Rationale for Selection Microsoft Office is widely used within TTGOV. At some point, it is likely that the Govern-ment will move to Office 2007 or later, in which case the formats used will need to be ap-proved for use.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 29
3.6 OpenDocument
Description The OpenDocument format (ODF) is a file format for electronic office documents such as spreadsheets, charts, presentations and word processing documents. While the specifica-tions were originally developed by Sun, the standard was developed by the Open Office XML technical committee of the Organization for the Advancement of Structured Infor-mation Standards (OASIS) consortium and based on the XML format originally created and implemented by the OpenOffice.org office suite. It should not be confused with Open Office XML. ISO/IEC has standardised version 1.0. OASIS has published v1.1 as an OASIS Standard. Microsoft Office 2007 SP2 supports ODF version 1.1. Sun Microsystems has a free plug-in to allow Microsoft Office 2007 (Service Pack 1 or higher), Microsoft Office 2003, Microsoft Office XP and Microsoft Office 2000 to import and export ODF.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Bitmapped Image File Type Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
OASIS specification http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43485
ISO/IEC 26300:2006 http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
Wikipedia http://en.wikipedia.org/wiki/OpenDocument
Related TTGOV Documents
Rationale for Selection OpenDocument is gaining support with the public as it is supported by free office software products. Its possible use should be reviewed regularly.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 30
3.7 PDF
Description Portable Document Format (PDF) is a file format created by Adobe Systems for document exchange. PDF is used for representing documents in a manner independent of the appli-cation software, hardware, an operating system. PDF preserves the exact layout of the original document. It is an open standard that was officially published in 2008 ISO 32000-1:2008.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Project Plan File Type CAD File Type
Classification Adopted
Usage Guidance PDF should be used for documents that require read-only access. Where a PDF document is used on a TTGOV web site, a link should be provided to download Adobe's free PDF reader. In general, the features used in PDF documents should lag the current Adobe reader by at least one version to help minimise the likelihood of a user needing to update their reader. Although the PDF format allows text to be obscured (for example, to prevent sensitive parts of documents being read by the general public), this should only be used for print purposes. Such documents should never be published electronically as the obscured text can easily be read.
References Title URL
ISO http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51502
Adobe http://www.adobe.com/products/acrobat/adobepdf.html
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection PDF is the dominant format for publishing read-only documents on the Internet and else-where. The format provides control over how the user may use the document, with the abil-ity to lock documents for printing, editing and copying sections.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 31
3.8 Rich Text Format v1.9.1
Description The Rich Text Format (RTF) Specification was developed by Microsoft and provides a for-mat for text and graphics interchange. Version 1.9.1 of the specification contains the up-dates introduced by Microsoft Office Word 2007. RTF uses the American National Stand-ards Institute (ANSI), PC-8, Macintosh, or IBM PC character set to control the representa-tion and formatting of a document, both on the screen and in print.
Categories Word Processor Document File Type
Classification Adopted
Usage Guidance RTF is a proprietary format, and so should only be used when no open format is available, and only with agreement between the parties in a data interchange. It can be read by many non-Microsoft products.
References Title URL
Specification http://www.microsoft.com/downloads/details.aspx?FamilyId=DD422B8D-FF06-4207-B476-6B5396A18A2B&displaylang=en
Wikipedia http://en.wikipedia.org/wiki/Rich_Text_Format
Related TTGOV Documents
Rationale for Selection RTF is supported by many word processing packages, and so is a good format to use when a document must be editable by the recipient.
Applicability G2C G2B G2G
Last Changed 30 September 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 32
Spreadsheet File Type
3.9 Delimited Text
Description Delimited text is commonly used for exchanging information between spreadsheets and databases. It can be especially useful as a spreadsheet export as the simple table struc-ture of a spreadsheet can be represented easily in this format. Delimited text files are often referred to as "CSV" (comma separated variable), although the tab character is more often used as a delimiter since this character is less likely to be contained within the data itself. Spreadsheet programs can accept a range of characters for delimiters.
Categories Spreadsheet File Type
Database File Type
Classification Adopted
Usage Guidance The best means of transferring data between systems is using an agreed XML format since this preserves the principle of loose coupling between systems . However, there will be times, especially for large data sets that are being moved between Government sys-tems, when an agreed delimited text format is more efficient.
References Title URL
Related TTGOV Documents
Rationale for Selection There are times, particularly for large data sets, when the overhead of transmitting and processing XML is too great. In these cases a delimited text file often provides the best solution.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 33
3.10 HTML v4.01
Description HTML standards for HyperText Markup Language, and is the predominant markup lan-guage for Web pages. It provides a means to describe the structure of text-based infor-mation in a document — by denoting certain text as links, headings, paragraphs, lists, and so on — and to supplement that text with interactive forms, embedded images, and other objects. HTML is written in the form of tags, surrounded by angle brackets. HTML can in-clude embedded scripting language code (such as JavaScript) which can affect the behav-iour of Web browsers and other HTML processors.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Adopted
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way.
References Title URL
HTML 4.01 Specification http://www.w3.org/TR/html401/
Wikipedia http://en.wikipedia.org/wiki/Html
Related TTGOV Documents
Rationale for Selection HTML 4.01 is the latest approved version of HTML and is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 2 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 34
3.11 HTML v5
Description HTML v5 is an extension of the existing HTML specification to express the semantics of many of the non-document types of content often seen on the Web. For instance, forum sites, auction sites, search engines, online shops, and the like, which do not fit the document metaphor well.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Under Observation
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way. HTML 5 cannot be ren-dered on all browers at this time
References Title URL
HTML v5 Working Draft http://www.w3.org/TR/html5/
Related TTGOV Documents
Rationale for Selection HTML 5 is the latest version of HTML but is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 35
3.12 Microsoft Excel 2003 (.xls)
Description Microsoft Excel 2003 is the spreadsheet software used within TTGOV. It uses a proprietary file format.
Categories Spreadsheet File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a documetn may not have support for the same fonts as were used to create it. It may be necessary to choose the option to save the fonts with the document to ensure that the re-cipient sees the document as intended.
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, such as macros, is preserved.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 36
3.13 Open Office XML
Description Office Open XML (OOXML) is a file format for representing spreadsheets, charts, presen-tations and word processing documents. An Office Open XML document file contains mainly XML based files compressed within a zip package. It should not be confused with OpenDocument or OpenOffice, which is a format used by early version of Sun's Star Of-fice. Open Office XML was introduced by Microsoft with Office 2007. It has since been adopted as a standard by ECMA and is going through the ISO standardisation process.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type
Classification Under Observation
Usage Guidance Open Office XML can be used by bi-lateral agreement. However, in general, documents produced with Microsoft Office 2007 should be saved in Microsoft Office 2003 formats if they are to be shared.
References Title URL
ISO/IEC PRF 29500-1 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51463
ISO/IEC PRF 29500-2 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51459
ISO/IEC PRF 29500-3 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51461
ISO/IEC PRF 29500-4 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51462
ECMA specification http://www.ecma-international.org/publications/standards/Ecma-376.htm
Related TTGOV Documents
Rationale for Selection Microsoft Office is widely used within TTGOV. At some point, it is likely that the Govern-ment will move to Office 2007 or later, in which case the formats used will need to be ap-proved for use.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 37
3.14 OpenDocument
Description The OpenDocument format (ODF) is a file format for electronic office documents such as spreadsheets, charts, presentations and word processing documents. While the specifica-tions were originally developed by Sun, the standard was developed by the Open Office XML technical committee of the Organization for the Advancement of Structured Infor-mation Standards (OASIS) consortium and based on the XML format originally created and implemented by the OpenOffice.org office suite. It should not be confused with Open Office XML. ISO/IEC has standardised version 1.0. OASIS has published v1.1 as an OASIS Standard. Microsoft Office 2007 SP2 supports ODF version 1.1. Sun Microsystems has a free plug-in to allow Microsoft Office 2007 (Service Pack 1 or higher), Microsoft Office 2003, Microsoft Office XP and Microsoft Office 2000 to import and export ODF.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Bitmapped Image File Type Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
OASIS specification http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43485
ISO/IEC 26300:2006 http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
Wikipedia http://en.wikipedia.org/wiki/OpenDocument
Related TTGOV Documents
Rationale for Selection OpenDocument is gaining support with the public as it is supported by free office software products. Its possible use should be reviewed regularly.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 38
3.15 PDF
Description Portable Document Format (PDF) is a file format created by Adobe Systems for document exchange. PDF is used for representing documents in a manner independent of the appli-cation software, hardware, an operating system. PDF preserves the exact layout of the original document. It is an open standard that was officially published in 2008 ISO 32000-1:2008.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Project Plan File Type CAD File Type
Classification Adopted
Usage Guidance PDF should be used for documents that require read-only access. Where a PDF document is used on a TTGOV web site, a link should be provided to download Adobe's free PDF reader. In general, the features used in PDF documents should lag the current Adobe reader by at least one version to help minimise the likelihood of a user needing to update their reader. Although the PDF format allows text to be obscured (for example, to prevent sensitive parts of documents being read by the general public), this should only be used for print purposes. Such documents should never be published electronically as the obscured text can easily be read.
References Title URL
ISO http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51502
Adobe http://www.adobe.com/products/acrobat/adobepdf.html
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection PDF is the dominant format for publishing read-only documents on the Internet and else-where. The format provides control over how the user may use the document, with the abil-ity to lock documents for printing, editing and copying sections.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 39
Presentation File Type
3.16 HTML v4.01
Description HTML standards for HyperText Markup Language, and is the predominant markup lan-guage for Web pages. It provides a means to describe the structure of text-based infor-mation in a document — by denoting certain text as links, headings, paragraphs, lists, and so on — and to supplement that text with interactive forms, embedded images, and other objects. HTML is written in the form of tags, surrounded by angle brackets. HTML can in-clude embedded scripting language code (such as JavaScript) which can affect the behav-iour of Web browsers and other HTML processors.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Adopted
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way.
References Title URL
HTML 4.01 Specification http://www.w3.org/TR/html401/
Wikipedia http://en.wikipedia.org/wiki/Html
Related TTGOV Documents
Rationale for Selection HTML 4.01 is the latest approved version of HTML and is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 2 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 40
3.17 HTML v5
Description HTML v5 is an extension of the existing HTML specification to express the semantics of many of the non-document types of content often seen on the Web. For instance, forum sites, auction sites, search engines, online shops, and the like, which do not fit the document metaphor well.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Under Observation
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way. HTML 5 cannot be ren-dered on all browers at this time
References Title URL
HTML v5 Working Draft http://www.w3.org/TR/html5/
Related TTGOV Documents
Rationale for Selection HTML 5 is the latest version of HTML but is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 41
3.18 Microsoft PowerPoint 2003 (.ppt)
Description Microsoft PowerPoint 2003 is the presentation software used within TTGOV. It uses a pro-prietary file format.
Categories Presentation File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a document may not have support for the same fonts as were used to create it. It may be necessary to choose the option to save the fonts with the document to ensure that the re-cipient sees the document as intended.
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, such as slide transitions, is preserved.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 42
3.19 Open Office XML
Description Office Open XML (OOXML) is a file format for representing spreadsheets, charts, presen-tations and word processing documents. An Office Open XML document file contains mainly XML based files compressed within a zip package. It should not be confused with OpenDocument or OpenOffice, which is a format used by early version of Sun's Star Of-fice. Open Office XML was introduced by Microsoft with Office 2007. It has since been adopted as a standard by ECMA and is going through the ISO standardisation process.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type
Classification Under Observation
Usage Guidance Open Office XML can be used by bi-lateral agreement. However, in general, documents produced with Microsoft Office 2007 should be saved in Microsoft Office 2003 formats if they are to be shared.
References Title URL
ISO/IEC PRF 29500-1 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51463
ISO/IEC PRF 29500-2 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51459
ISO/IEC PRF 29500-3 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51461
ISO/IEC PRF 29500-4 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51462
ECMA specification http://www.ecma-international.org/publications/standards/Ecma-376.htm
Related TTGOV Documents
Rationale for Selection Microsoft Office is widely used within TTGOV. At some point, it is likely that the Govern-ment will move to Office 2007 or later, in which case the formats used will need to be ap-proved for use.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 43
3.20 OpenDocument
Description The OpenDocument format (ODF) is a file format for electronic office documents such as spreadsheets, charts, presentations and word processing documents. While the specifica-tions were originally developed by Sun, the standard was developed by the Open Office XML technical committee of the Organization for the Advancement of Structured Infor-mation Standards (OASIS) consortium and based on the XML format originally created and implemented by the OpenOffice.org office suite. It should not be confused with Open Office XML. ISO/IEC has standardised version 1.0. OASIS has published v1.1 as an OASIS Standard. Microsoft Office 2007 SP2 supports ODF version 1.1. Sun Microsystems has a free plug-in to allow Microsoft Office 2007 (Service Pack 1 or higher), Microsoft Office 2003, Microsoft Office XP and Microsoft Office 2000 to import and export ODF.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Bitmapped Image File Type Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
OASIS specification http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43485
ISO/IEC 26300:2006 http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
Wikipedia http://en.wikipedia.org/wiki/OpenDocument
Related TTGOV Documents
Rationale for Selection OpenDocument is gaining support with the public as it is supported by free office software products. Its possible use should be reviewed regularly.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 44
3.21 PDF
Description Portable Document Format (PDF) is a file format created by Adobe Systems for document exchange. PDF is used for representing documents in a manner independent of the appli-cation software, hardware, an operating system. PDF preserves the exact layout of the original document. It is an open standard that was officially published in 2008 ISO 32000-1:2008.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Project Plan File Type CAD File Type
Classification Adopted
Usage Guidance PDF should be used for documents that require read-only access. Where a PDF document is used on a TTGOV web site, a link should be provided to download Adobe's free PDF reader. In general, the features used in PDF documents should lag the current Adobe reader by at least one version to help minimise the likelihood of a user needing to update their reader. Although the PDF format allows text to be obscured (for example, to prevent sensitive parts of documents being read by the general public), this should only be used for print purposes. Such documents should never be published electronically as the obscured text can easily be read.
References Title URL
ISO http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51502
Adobe http://www.adobe.com/products/acrobat/adobepdf.html
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection PDF is the dominant format for publishing read-only documents on the Internet and else-where. The format provides control over how the user may use the document, with the abil-ity to lock documents for printing, editing and copying sections.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 45
Project Plan File Type
3.22 HTML v4.01
Description HTML standards for HyperText Markup Language, and is the predominant markup lan-guage for Web pages. It provides a means to describe the structure of text-based infor-mation in a document — by denoting certain text as links, headings, paragraphs, lists, and so on — and to supplement that text with interactive forms, embedded images, and other objects. HTML is written in the form of tags, surrounded by angle brackets. HTML can in-clude embedded scripting language code (such as JavaScript) which can affect the behav-iour of Web browsers and other HTML processors.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Adopted
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way.
References Title URL
HTML 4.01 Specification http://www.w3.org/TR/html401/
Wikipedia http://en.wikipedia.org/wiki/Html
Related TTGOV Documents
Rationale for Selection HTML 4.01 is the latest approved version of HTML and is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 2 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 46
3.23 HTML v5
Description HTML v5 is an extension of the existing HTML specification to express the semantics of many of the non-document types of content often seen on the Web. For instance, forum sites, auction sites, search engines, online shops, and the like, which do not fit the document metaphor well.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Under Observation
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way. HTML 5 cannot be ren-dered on all browers at this time
References Title URL
HTML v5 Working Draft http://www.w3.org/TR/html5/
Related TTGOV Documents
Rationale for Selection HTML 5 is the latest version of HTML but is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 47
3.24 Microsoft Project 2003 (.mpp)
Description Microsoft Project 2003 is the project management software used within TTGOV. It uses a proprietary file format.
Categories Project Plan File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats.
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, such as slide transitions, is preserved.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 48
3.25 PDF
Description Portable Document Format (PDF) is a file format created by Adobe Systems for document exchange. PDF is used for representing documents in a manner independent of the appli-cation software, hardware, an operating system. PDF preserves the exact layout of the original document. It is an open standard that was officially published in 2008 ISO 32000-1:2008.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Project Plan File Type CAD File Type
Classification Adopted
Usage Guidance PDF should be used for documents that require read-only access. Where a PDF document is used on a TTGOV web site, a link should be provided to download Adobe's free PDF reader. In general, the features used in PDF documents should lag the current Adobe reader by at least one version to help minimise the likelihood of a user needing to update their reader. Although the PDF format allows text to be obscured (for example, to prevent sensitive parts of documents being read by the general public), this should only be used for print purposes. Such documents should never be published electronically as the obscured text can easily be read.
References Title URL
ISO http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51502
Adobe http://www.adobe.com/products/acrobat/adobepdf.html
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection PDF is the dominant format for publishing read-only documents on the Internet and else-where. The format provides control over how the user may use the document, with the abil-ity to lock documents for printing, editing and copying sections.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 49
Database File Type
3.26 Delimited Text
Description Delimited text is commonly used for exchanging information between spreadsheets and databases. It can be especially useful as a spreadsheet export as the simple table struc-ture of a spreadsheet can be represented easily in this format. Delimited text files are often referred to as "CSV" (comma separated variable), although the tab character is more often used as a delimiter since this character is less likely to be contained within the data itself. Spreadsheet programs can accept a range of characters for delimiters.
Categories Spreadsheet File Type
Database File Type
Classification Adopted
Usage Guidance The best means of transferring data between systems is using an agreed XML format since this preserves the principle of loose coupling between systems . However, there will be times, especially for large data sets that are being moved between Government sys-tems, when an agreed delimited text format is more efficient.
References Title URL
Related TTGOV Documents
Rationale for Selection There are times, particularly for large data sets, when the overhead of transmitting and processing XML is too great. In these cases a delimited text file often provides the best solution.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 50
CAD File Type
3.27 AutoCAD DXF (.dxf)
Description AutoCAD Drawing Exchange Format (DXF) is a CAD data file format developed by Auto-desk for enabling data interoperability between AutoCAD and other programs. Some object types are not documented in DXF, making DRW a better format for exchanging AutoCAD drawings. There are free DXF viewers that run on a variety of platforms.
Categories CAD File Type
Classification Deprecated
Usage Guidance This proprietary format should only be used by agreement between the parties exchanging data. PDF can be used instead to transfer read-only drawings.
References Title URL
Specification http://usa.autodesk.com/adsk/servlet/item?siteID=123112&id=8446698
Wikipedia http://en.wikipedia.org/wiki/Dxf
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 14 January 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 51
3.28 DWG (.dwg)
Description DWG is a format used for storing two and three dimensional design data and metadata. It is the native format for several CAD packages and is supported non-natively by many other software applications. Although widely used, it is still a proprietary format without clear ownership of the specification, so implementations may vary. The Open Design Alliance has produced the specification referenced below. There are free DRW viewers that run on a variety of platforms.
Categories CAD File Type
Classification Adopted
Usage Guidance This format should only be used by agreement between the parties exchanging data. PDF can be used instead to transfer read-only drawings.
References Title URL
OpenDWG specification v2.0
http://www.opendesign.com/files/guestdownloads/formatSpec13-15.rtf
Wikipedia http://en.wikipedia.org/wiki/.dwg
Related TTGOV Documents
Rationale for Selection DWG is probably the widely used CAD file format. Several packages have it as their native file format, and most others can import and export it.
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 52
3.29 PDF
Description Portable Document Format (PDF) is a file format created by Adobe Systems for document exchange. PDF is used for representing documents in a manner independent of the appli-cation software, hardware, an operating system. PDF preserves the exact layout of the original document. It is an open standard that was officially published in 2008 ISO 32000-1:2008.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Project Plan File Type CAD File Type
Classification Adopted
Usage Guidance PDF should be used for documents that require read-only access. Where a PDF document is used on a TTGOV web site, a link should be provided to download Adobe's free PDF reader. In general, the features used in PDF documents should lag the current Adobe reader by at least one version to help minimise the likelihood of a user needing to update their reader. Although the PDF format allows text to be obscured (for example, to prevent sensitive parts of documents being read by the general public), this should only be used for print purposes. Such documents should never be published electronically as the obscured text can easily be read.
References Title URL
ISO http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=51502
Adobe http://www.adobe.com/products/acrobat/adobepdf.html
Adobe reader http://www.adobe.com/products/acrobat/readstep2.html
Wikipedia http://en.wikipedia.org/wiki/Pdf
Related TTGOV Documents
Rationale for Selection PDF is the dominant format for publishing read-only documents on the Internet and else-where. The format provides control over how the user may use the document, with the abil-ity to lock documents for printing, editing and copying sections.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 53
Bitmapped Image File Type
3.30 ECW
Description Enhanced Compression Wavelet (ECW) is a lossy compression format developed by Earth Resource Mapping. The file format is optimized for aerial and satellite imagery, and effi-ciently compresses very large images with fine, alternating contrast.
Categories Bitmapped Image File Type
Classification Under Observation
Usage Guidance ECW should be considered where extreme compression of large images is required.
References Title URL
Description http://www.gisdevelopment.net/technology/ic/techip0003.htm
Wikipedia http://en.wikipedia.org/wiki/ECW_(file_format)
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 24 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 54
3.31 GIF89a
Description The Graphics Interchange Format (GIF) is a bitmap image format that was introduced by CompuServe in 1987 and has since come into widespread usage on the World Wide Web due to its wide support and portability. The format uses lossless compression and supports up to 8 bits per pixel, allowing a single image to reference a palette of up to 256 distinct colours chosen from the 24-bit RGB col-our space. It also supports animations and allows a separate palette of 256 colours for each frame. The colour limitation makes the GIF format unsuitable for reproducing colour photographs and other images with continuous colour, but it is well-suited for simpler im-ages such as graphics or logos with solid areas of colour.
Categories Bitmapped Image File Type
Classification Adopted
Usage Guidance The GIF format may be used for bit-mapped images with sharp data transitions, such as graphics and logos. The limitation of 256 distinct colours in an image makes it unsuitable for photo-graphs
References Title URL
Specification http://www.w3.org/Graphics/GIF/spec-gif89a.txt
Wikipedia http://en.wikipedia.org/wiki/Gif
Related TTGOV Documents
Rationale for Selection GIF89a is one of the predominant methods of reducing graphical image file size, especially for web use. It is widely supported by graphics software and web browsers. The alternative PNG format has advantages where animation is not required, and so is the preferred for-mat for web use.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 55
3.32 JPEG
Description JPEG is a commonly used method of compression for photographic images. This is a lossy compression method, compromising image quality for reduced file size. The degree of compression can be adjusted, allowing a selectable tradeoff between storage size and im-age quality. The JPEG format has been standardised by both ISO and the International Telecommunications Union (ITU).
Categories Bitmapped Image File Type
Classification Adopted
Usage Guidance JPEG should be used to reduce the size of photographic images, particularly for web use. It should not be used for graphics images or logos since the compression format does not cope well with sharp transitions in the image.
References Title URL
ISO/IEC 10918-1:1994 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=18902
ITU-TRecommendationT.81 http://www.itu.int/rec/T-REC-T.81/e
Joint Photographic Experts Group
http://www.jpeg.org/
Wikipedia http://en.wikipedia.org/wiki/Jpeg
Related TTGOV Documents
Rationale for Selection JPEG is the predominant method of reducing photographic image file size, especially for web use. It is widely supported by image processing tools and web browsers.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 56
3.33 OpenDocument
Description The OpenDocument format (ODF) is a file format for electronic office documents such as spreadsheets, charts, presentations and word processing documents. While the specifica-tions were originally developed by Sun, the standard was developed by the Open Office XML technical committee of the Organization for the Advancement of Structured Infor-mation Standards (OASIS) consortium and based on the XML format originally created and implemented by the OpenOffice.org office suite. It should not be confused with Open Office XML. ISO/IEC has standardised version 1.0. OASIS has published v1.1 as an OASIS Standard. Microsoft Office 2007 SP2 supports ODF version 1.1. Sun Microsystems has a free plug-in to allow Microsoft Office 2007 (Service Pack 1 or higher), Microsoft Office 2003, Microsoft Office XP and Microsoft Office 2000 to import and export ODF.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Bitmapped Image File Type Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
OASIS specification http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43485
ISO/IEC 26300:2006 http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
Wikipedia http://en.wikipedia.org/wiki/OpenDocument
Related TTGOV Documents
Rationale for Selection OpenDocument is gaining support with the public as it is supported by free office software products. Its possible use should be reviewed regularly.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 57
3.34 PNG
Description Like the better known GIF format, the portable Network Graphics format is a bitmap image format that uses loss-less compression. It was originally developed to circumvent patent issues with the GIF format, and is widely supported by graphics software and web brows-ers. The patents in question have now expired. PNG does not have the 256 colour limita-tion of GIF.
Categories Bitmapped Image File Type
Classification Adopted
Usage Guidance PNG can be used as alternative to GIF for reducing graphical image file size, especially for web use. It is especially useful where the 256 colour limitation of GIF is an issue. Since it has no disadvantages over GIF apart from its lack of animation support, it is the preferred format for graphical images on the web.
References Title URL
ISO/IEC 15948:2004
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=29581
W3C Recommendation http://www.w3.org/TR/PNG/
Wikipedia http://en.wikipedia.org/wiki/Portable_Network_Graphics
Related TTGOV Documents
Rationale for Selection PNG is one of the predominant methods of reducing graphical image file size, especially for web use. It is widely supported by graphics software and web browsers.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 58
3.35 TIFF v6.0
Description Tagged Image File Format (TIFF) is a file format for storing images, including photographs and line art. The TIFF format is widely supported by image-manipulation applications, by publishing and page layout applications, by scanning, faxing, word processing, optical character recognition and other applications. The "tagged" part of the name indicates that TIFF can hold metadata about an image, such as its size). Unlike JPEG, a TIFF image can be stored with lossless, or no, compression. This allows a TIFF image to be repeatedly opened for editing without the gradual decrease in image quality that would occur with a JPEG image. The TIFF specification is controlled by Adobe.
Categories Bitmapped Image File Type
Classification Adopted
Usage Guidance A TIFF image with lossless or no data compression should be used when maintaining the quality of a photograph or other image is paramount. However, care must be taken with the resulting image sizes if the image is to be transferred or placed on the web.
References Title URL
Specification http://partners.adobe.com/public/developer/tiff/index.html#spec
Adobe TIFF Resources http://partners.adobe.com/public/developer/tiff/
Wikipedia http://en.wikipedia.org/wiki/Tagged_Image_File_Format
Related TTGOV Documents
Rationale for Selection TIFF is one of the most commonly used formats for images where lossy compression is not acceptable. It is widely supported by graphics and image manipulation software and by web browsers.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 59
Vector Graphics File Type
3.36 OpenDocument
Description The OpenDocument format (ODF) is a file format for electronic office documents such as spreadsheets, charts, presentations and word processing documents. While the specifica-tions were originally developed by Sun, the standard was developed by the Open Office XML technical committee of the Organization for the Advancement of Structured Infor-mation Standards (OASIS) consortium and based on the XML format originally created and implemented by the OpenOffice.org office suite. It should not be confused with Open Office XML. ISO/IEC has standardised version 1.0. OASIS has published v1.1 as an OASIS Standard. Microsoft Office 2007 SP2 supports ODF version 1.1. Sun Microsystems has a free plug-in to allow Microsoft Office 2007 (Service Pack 1 or higher), Microsoft Office 2003, Microsoft Office XP and Microsoft Office 2000 to import and export ODF.
Categories Word Processor Document File Type Spreadsheet File Type Presentation File Type Bitmapped Image File Type Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
OASIS specification http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43485
ISO/IEC 26300:2006 http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
Wikipedia http://en.wikipedia.org/wiki/OpenDocument
Related TTGOV Documents
Rationale for Selection OpenDocument is gaining support with the public as it is supported by free office software products. Its possible use should be reviewed regularly.
Applicability G2C G2B G2G
Last Changed 13 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 60
3.37 SVG v1.1
Description SVG is a language for describing two-dimensional graphics in XML. SVG allows for three types of graphic objects: vector graphic shapes (e.g., paths consisting of straight lines and curves), images and text. Graphical objects can be grouped, styled, transformed and com-posited into previously rendered objects. The feature set includes nested transformations, clipping paths, alpha masks, filter effects and template objects. SVG drawings can be interactive and dynamic. Animations can be defined and triggered either declaratively (i.e., by embedding SVG animation elements in SVG content) or via scripting.
Categories Vector Graphics File Type
Classification Under Observation
Usage Guidance
References Title URL
W3C Recommendation http://www.w3.org/TR/SVG11/
Wikipedia http://en.wikipedia.org/wiki/Svg
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 61
Web Content File Type
3.38 HTML v4.01
Description HTML standards for HyperText Markup Language, and is the predominant markup lan-guage for Web pages. It provides a means to describe the structure of text-based infor-mation in a document — by denoting certain text as links, headings, paragraphs, lists, and so on — and to supplement that text with interactive forms, embedded images, and other objects. HTML is written in the form of tags, surrounded by angle brackets. HTML can in-clude embedded scripting language code (such as JavaScript) which can affect the behav-iour of Web browsers and other HTML processors.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Adopted
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way.
References Title URL
HTML 4.01 Specification http://www.w3.org/TR/html401/
Wikipedia http://en.wikipedia.org/wiki/Html
Related TTGOV Documents
Rationale for Selection HTML 4.01 is the latest approved version of HTML and is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 2 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 62
3.39 HTML v5
Description HTML v5 is an extension of the existing HTML specification to express the semantics of many of the non-document types of content often seen on the Web. For instance, forum sites, auction sites, search engines, online shops, and the like, which do not fit the document metaphor well.
Categories Word Processor Document File Type Presentation File Type Project Plan File Type Spreadsheet File Type Web Content File Type
Classification Under Observation
Usage Guidance Either HTML 4.01 or XHTML should be used for web content. In some cases, it can be the "lowest common denominator" for transferring files between word-processors. However, document style can be changed when using HTML in this way. HTML 5 cannot be ren-dered on all browers at this time
References Title URL
HTML v5 Working Draft http://www.w3.org/TR/html5/
Related TTGOV Documents
Rationale for Selection HTML 5 is the latest version of HTML but is supported by all major web browsers.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 63
3.40 XForms 1.1
Description XForms is a W3C Recommendation for a powerful XML language for describing forms. It is designed to be embedded within another language, such as XHTML. By splitting the form into three parts - XForms model, instance data, and user interface - it separates presentation from content, reduces round-trips to the server, allows reuse, gives strong typing and offers device independence and a reduced need for scripting. XForms has some tool support, but both Adobe (with XML Forms Architecture) and Mi-crosoft (with InfoPath) have proprietary alternatives that may be considered.
Categories Web Content File Type
Classification Under Observation
Usage Guidance
References Title URL
Specification http://www.w3.org/TR/xforms/
Wikipedia http://en.wikipedia.org/wiki/Xforms
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 20 October 2009
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 64
3.41 XHTML v1.1
Description The Extensible Hypertext Markup Language, or XHTML, is a markup language that has semantics similar to those of HTML, while conforming to XML syntax. Because they need to be well-formed XML, XHTML documents allow for automated pro-cessing to be performed using standard XML tools. XHTML is a W3C Recommendation.
Categories Web Content File Type
Classification Adopted
Usage Guidance XMTML should be used in preference to HTML where there is a need for automated pro-cessing of the content.
References Title URL
W3C Recommendation http://www.w3.org/TR/xhtml11
Related TTGOV Documents
Rationale for Selection As an application of XML, XHTML is much easier to process that HTML. It is supported by all recent web browsers.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 65
Audio / Visual File Type
3.42 Apple Quicktime (.avi, .mov, .qt)
Description QuickTime is a multimedia framework developed by Apple Inc., capable of handling vari-ous formats of digital video, media clips, sound, text, animation, music, and several types of interactive panoramic images. QuickTime is available for Classic Mac OS, Mac OS X and Microsoft Windows operating systems.
Categories Audio / Visual File Type
Classification Deprecated
Usage Guidance Open formats should be used in preference to these proprietary formats. These formats may be offered as an alternative.
References Title URL
QuickTime Home Page http://www.apple.com/quicktime/
Wikipedia http://en.wikipedia.org/wiki/Quicktime
Related TTGOV Documents
Rationale for Selection These are popular formats, and so may be offered in addition to open formats. Players are freely available.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 66
3.43 Flash
Description Adobe Flash is a popular method for adding animation and interactivity to web pages. Flash can manipulate vector and raster graphics and supports streaming of audio and vid-eo.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Adobe Flash may be used to enhance web pages. Because it requires a plug-in to be in-stalled on the user's computer, it should not be used to deliver important content.
References Title URL
Adobe Home Page http://www.adobe.com/
Wikipedia http://en.wikipedia.org/wiki/Adobe_flash
Related TTGOV Documents
Rationale for Selection Flash is a very commonly used format for animation on the Web. Plug-ins are freely avail-able for all major browsers on Windows and Macintosh operating systems.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 67
3.44 MIDI (.mid)
Description Musical Instrument Digital Interface (MIDI) is an industry-standard
protocol that enables
electronic musical instruments, computers, and other equipment to control one another, and to exchange system data. MIDI does not transmit an audio signal or media — it trans-mits "event messages" such as the pitch and intensity of musical notes to play, control sig-nals for parameters such as volume, vibrato and panning, cues, and clock signals to set the tempo.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance MIDI is ubiquitous for control of musical instruments, and is the standard that should be used for this purpose.
References Title URL
MIDI Manufacturers Asso-ciation
http://www.midi.org/
Wikipedia http://en.wikipedia.org/wiki/Midi
Related TTGOV Documents
Rationale for Selection MIDI is ubiquitous in its marketplace.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 68
3.45 MP3
Description MPEG-1 Audio Layer 3, more commonly referred to as MP3, is a digital audio encoding format using a form of lossy data compression. It is a common audio format for consumer audio storage, as well as a de facto standard encoding for the transfer and playback of music on digital audio players.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance MP3 may be used freely for the exchange of audio information where some loss of quality is acceptable. It is a good format for use on the web.
References Title URL
ISO/IEC 11172-3:1993 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=22412
Wikipedia http://en.wikipedia.org/wiki/Mp3
Related TTGOV Documents
Rationale for Selection MP3 is the most widely used audio compression method with very wide player support. It forms a part of the ISO 11172 standard.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 69
3.46 MPEG-1
Description MPEG-1 was an early standard for lossy compression of video and audio. It was designed to compress VHSquality raw digital video and CD audio down to 1.5 Mbit/s (26:1 and 6:1 compression ratios respectively) without excessive quality loss. Today, MPEG-1 has be-come the most widely compatible lossy audio/video format in the world, and is used in a large number of products and technologies. Perhaps the best-known part of the MPEG-1 standard is the MP3 audio format it introduced. The MPEG-1 standard is published as ISO/IEC-11172.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Although there are more recent video compression methods, MPEG-1 has good compati-bility and so should be used where the capabilities of the user are not known.
References Title URL
ISO/IEC 11172-1:1993 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=19180
ISO/IEC 11172-1:1993/Cor 1:1996
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=25369
ISO/IEC 11172-1:1993/Cor 2:1999
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=32094
ISO/IEC 11172-2:1993 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=22411
ISO/IEC 11172-3:1993 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=22412
ISO/IEC 11172-4:1995 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=22691
ISO/IEC TR 11172-5:1998 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=25029
Wikipedia http://en.wikipedia.org/wiki/Mpeg-1
Related TTGOV Documents
Rationale for Selection MPEG-1 is the most widely used audio/video compression method with very wide player support. It is an ISO standard.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 70
3.47 MPEG-2
Description MPEG-2 is a standard for the lossy compression of video and audio. It resolves some of the problems that made MPEG-1 incompatible with the multiplexed streams of digital broadcasting, as well as providing higher quality images. It is well supported by tools. The MPEG-2 standard is published as ISO/IEC TR 13818. This is available in eleven parts. The reference below is to part 1. The page referenced contains links to the other parts and cor-rigenda.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance MPEG-2 can be used where MPEG-1 is not appropriate. Examples are where there are multiple video streams or where interlaced video is required.
References Title URL
ISO/IEC 13818-1:2007 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=44169
Wikipedia http://en.wikipedia.org/wiki/Mpeg-2
Related TTGOV Documents
Rationale for Selection MPEG-2 is widely used for the distribution of multiplexed audio/video streams. It is an ISO standard.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 71
3.48 MPEG-4
Description MPEG-4 is a set of standards for the lossy compression of video and audio. It's high rate of compression makes it suitable for low bit-rate applications such as audio/video streaming over the Internet. MPEG-4 also support Digital Rights Management (DRM). The MPEG-4 standard is published as ISO/IEC 14496. This is available in 24 parts. The references be-low are to parts 2 and 10. Part 2 is implemented by codecs such as DivX and XVid. Part 10 is emerging as the preferred standard and is used by Blu-ray disks and many games con-soles.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Streaming video for the web should be encoded using MPEG-4 part 2, using XVid or DivX encoding. Consideration should be given to part 10, which is rapidly gaining support. MPEG-4 should also be used where DRM support is required.
References Title URL
ISO/IEC 14496-2:2004 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39259
ISO/IEC 14496-10:2008 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=50726
Wikipedia http://en.wikipedia.org/wiki/Mpeg-4
Related TTGOV Documents
Rationale for Selection MPEG-4 is widely used for streaming audio/video streams on the web. It is an ISO stand-ard.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 72
3.49 OGG Vorbis
Description Vorbis is a free and open source, lossy audio codec project headed by the Xiph.Org Foun-dation. It is most commonly used in conjunction with the Ogg container and is therefore called Ogg Vorbis.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Vorbis is not natively supported in Windows or Mac operating systems, and so should only be offered as an alternative to other formats.
References Title URL
Specification http://xiph.org/vorbis/doc/Vorbis_I_spec.html
Wikipedia http://en.wikipedia.org/wiki/Ogg_vorbis
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 17 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 73
3.50 RealAudio/RealVideo (.ra, .ram, .rm, .rmm)
Description RealAudio and RealVideo are proprietary audio and video formats developed by RealNet-works. They are supported on many platforms, including Windows, Mac, Linux, Solaris, and several mobile phones. The two are often paired together and packaged in a RealMedia (.rm) container. RealMedia is suitable for use as a streaming media format, that is one which is viewed while it is being sent over the network.
Categories Audio / Visual File Type
Classification Deprecated
Usage Guidance Although RealAudio and RealVideo are widely supported, they are proprietary standards and the open MPEG series standards should be used in preference.
References Title URL
RealNetworks http://www.realnetworks.com/
Wikipedia (RealAudio) http://en.wikipedia.org/wiki/Real_Audio
Wikipedia (RealVideo) http://en.wikipedia.org/wiki/Real_Video
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 74
3.51 Shockwave (.swf)
Description Adobe Shockwave (formerly Macromedia Shockwave) was Macromedia's first and most successful multimedia player prior to the introduction of Macromedia Flash (now Adobe Flash). It allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. Shockwave is now at version 11.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Shockwave is suitable for web applications that require strong graphics support. Because it requires a plug-in to be installed on the user's computer, it should not be used to deliver important content.
References Title URL
Adobe Home Page http://www.adobe.com/
Wikipedia http://en.wikipedia.org/wiki/Adobe_Shockwave
Related TTGOV Documents
Rationale for Selection Shockwave is a very commonly used format for animation on the Web. Plug-ins are freely available for all major browsers on Windows and Macintosh operating systems.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 75
3.52 Waveform Audio Format (.wav)
Description Waveform Audio Format (WAV) is a Microsoft and IBM audio file format for storing an au-dio bitstream on PCs. It is the main format used on Windows systems for raw and typically uncompressed audio, although it is also supported on Apple Mac systems. Although other lossless formats have higher compression, The WAV format is the most widely supported.
Categories Audio / Visual File Type
Classification Adopted
Usage Guidance Waveform Audio Format should be used when uncompressed audio is required.
References Title URL
Wikipedia http://en.wikipedia.org/wiki/Waveform_audio_format
Related TTGOV Documents
Rationale for Selection WAV is a very supported lossless audio file format.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 76
3.53 Windows Media Formats (.asf, .wma, .wmv)
Description These three formats comprise Microsoft's proprietary streaming (.asf), audio (.wma) and video (.wmv) formats.
Categories Audio / Visual File Type
Classification Deprecated
Usage Guidance Open formats should be used in preference to these proprietary formats. These formats may be offered as an alternative.
References Title URL
Windows Media Home Page http://www.microsoft.com/windows/windowsmedia
Wikipedia http://en.wikipedia.org/wiki/Windows_Media
Related TTGOV Documents
Rationale for Selection These are popular formats, and so may be offered in addition to open formats. Players are freely available.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 77
3.54 ASCII
Description The American Standard Code for Information Interchange (ASCII) is a character encoding based on the English alphabet. ASCII codes represent text in computers, communications equipment, and other devices that work with text. Because of its small size, ASCII encodes the English alphabet very efficiently. However, this also gives it its main limitation, which is the limited number of characters that can be represented. For example, ASCII has no sup-port for any accented characters
Categories Character Sets And Encoding
Classification Deprecated
Usage Guidance By utilising the Unicode character set and UTF-8, systems will automatically produce ASCII character encodings for those characters in the ASCII set. Systems should not restrict themselves to ASCII in the characters that they can consume.
References Title URL
Wikipedia http://en.wikipedia.org/wiki/Ascii
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 78
3.55 Unicode v6.0.0
Description Unicode is an industry standard allowing computers to consistently represent and manipu-late text expressed in most of the world's writing systems. Unicode's success at unifying character sets has led to its widespread and predominant use in the internationalization and localization of computer software. The standard has been implemented in many recent technologies, including XML, the Java programming language, the Microsoft .NET Framework and modern operating systems. Unicode can be implemented by different character encodings. The most commonly used encodings are UTF-8 (which uses 1 byte for all displayable ASCII characters, which have the same code values as in the standard ASCII encoding, and up to 4 bytes for other char-acters), and UTF-16 (which uses 2 bytes for the majority of characters and using 4 bytes for the remainder). ISO/IEC 10646:2003 (Information technology -- Universal Multiple-Octet Coded Character Set (UCS)) uses the same characters as Unicode.
Categories Character Sets And Encoding
Classification Adopted
Usage Guidance Unicode should be used for all data interchange in TTGOV.
References Title URL
The Unicode Consortium
http://unicode.org/
ISO/IEC
10646:2003
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39921
Wikipedia http://en.wikipedia.org/wiki/Unicode
Related TTGOV Documents
Rationale for Selection Unicode is a universal character set and has been widely adopted. It is the standard char-acter set for XML. Version 2.0 is the version specified in the XML 1.0 Recommendation.
Applicability G2C G2B G2G
Last Changed 31 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 79
3.56 UTF-16
Description UTF-16 (16-bit Unicode Transformation Format) is a variable-length character encoding for Unicode, capable of encoding the entire Unicode repertoire. The encoding form maps each character to a sequence of 16-bit words.
Categories Character Sets And Encoding
Classification Adopted
Usage Guidance In general, data should be produced using UTF-8. UTF-16 should only be used where it provides a more efficient encoding. This can happen when documents are in languages that do not use a Latin-based character set. All systems must be capable of accepting UTF-16.
References Title URL
Specification http://www.ietf.org/rfc/rfc2781.txt
Wikipedia http://en.wikipedia.org/wiki/Utf-16
Related TTGOV Documents
Rationale for Selection UTF-8 support is required by the XML Recommendation.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 80
3.57 UTF-8
Description UTF-8 (8-bit UCS/Unicode Transformation Format) is a variable-length character encoding for Unicode. It is able to represent any character in the Unicode standard, yet the initial encoding of byte codes and character assignments for UTF-8 is backwards compatible with ASCII. For these reasons, it is becoming the preferred encoding for e-mail, web pag-es, and other places where characters from Latin-based languages are stored or streamed.
Categories Character Sets And Encoding
Classification Adopted
Usage Guidance UTF-8 is the preferred character encoding for Unicode. UTF-16 should only be used in special circumstances for non-Latin-based languages, where it can be a more efficient en-coding.
References Title URL
Specification http://www.ietf.org/rfc/rfc2279.txt
Wikipedia http://en.wikipedia.org/wiki/Utf-8
Related TTGOV Documents
Rationale for Selection UTF-8 support is required by the XML Recommendation. Because it encodes characters from the ASCII set in a single byte, it is the most efficient Unicode character encoding for Latin-based languages.
Applicability G2C G2B G2G
Last Changed 14 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 81
File Compression
3.58 BZIP2
Description bzip2 is a lossless data compression algorithm and open source software implementation. bzip2 compresses most files more effectively than more gzip or ZIP but is slower. Unlike other formats such as ZIP (but similar to gzip), bzip2 is only a data compressor, not an ar-chiver. The program itself has no facilities for multiple files, encryption or archive-splitting.
Categories File Compression
Classification Adopted
Usage Guidance bzip2 may be used where high compression is required and it is known that the receiving party supports the format.
References Title URL
bzip2 web site http://www.bzip.org/
Wikipedia http://en.wikipedia.org/wiki/Bzip2
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 24 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 82
3.59 7-Zip
Description 7-Zip is an open source file archiver it operates with the 7z archive format, and can read and write several other archive formats. The program can be used from a command line interface, graphical user interface, or Windows shell integration. It supports 256-bit AES cipher. Multiple-core CPU threading can be configured
Categories File Compression
Classification Adopted
Usage Guidance 7-zip may be used where high compression is required the format can be changed based on what the receiving party can use.
References Title URL
7-zip web site http://www.7-zip.org/
Wikipedia http://en.wikipedia.org/wiki/7-Zip
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 24 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 83
3.60 GNU Zip
Description GNU Zip (gzip) is a file format used for file compression and is commonly used on Unix and Linux systems. The typical file extension used is .gz.
Categories File Compression
Classification Adopted
Usage Guidance GNU Zip should only be used when it is known that files will be opened on Unix systems. Otherwise ZIP should be used in preference. GZIP may be used with TAR to produce compressed archives. Typically, these have the file extension .tar.gz on Unix and Linux systems and .gz on Windows systems.
References Title URL
Specification of version 4.3 http://tools.ietf.org/html/rfc1952
Wikipedia http://en.wikipedia.org/wiki/Gzip
Related TTGOV Documents
Rationale for Selection GNU Zip is widely implemented on Unix systems.
Applicability G2C G2B G2G
Last Changed 9 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 84
3.61 Tape Archiver (TAR)
Description TAR is a file format (in the form of a type of archive bitstream) originally designed to handle tape archive files. The current version is 1.2. The format was standardized by POSIX.1-1988 and later POSIX.1-2001. Initially developed as a raw format, used for tape backup and other sequential access devices for backup purposes, it is now commonly used to col-late collections of files into one larger file, for distribution or archiving, while preserving file system information such as user and group permissions, dates, and directory structures. It is most commonly used in Unix and Linux systems. The typical file extension used is .tar.
Categories File Compression
Classification Adopted
Usage Guidance TAR should only be used when it is known that files will be opened on Unix systems. Oth-erwise ZIP should be used in preference. TAR may be used with GZIP to produce com-pressed archives. Typically, these have the file extension .tar.gz on Unix and Linux sys-tems and .gz on Windows systems.
References Title URL
GNU Specification http://www.gnu.org/software/tar/
Wikipedia http://www.gnu.org/software/tar/
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 09 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 85
3.62 ZIP
Description The ZIP file format is a data compression and archival format. The current version of the specification is 6.3.2. A ZIP file contains one or more files that have been compressed, to reduce their file size, or stored as-is. A number of compression algorithms are permitted in zip files but as of 2008 only DEFLATE is widely used and supported.
Categories File Compression
Classification Adopted
Usage Guidance ZIP should be used in preference to other data compression formats, especially where documents are being made available to the general public. Tools do not usually make it clear which version of the ZIP specification the are using. This does not cause a problem as tools are generally backwards compatible.
References Title URL
Specification of version 6.3.2 http://www.pkware.com/documents/casestudies/APPNOTE.TXT
Wikipedia http://en.wikipedia.org/wiki/Zip
Related TTGOV Documents
Rationale for Selection ZIP is a very common compression and archiving format with wide tool support. Recent versions of Windows have native support for the ZIP format.
Applicability G2C G2B G2G
Last Changed 9 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 86
Data Message Formatting
3.63 XML v1.0
Description The Extensible Markup Language (XML) is a W3C Recommendation for a markup meta-language that is a subset of the Standard Generalized Markup Language (SGML). XML contains a syntax for defining markup languages, without defining the element and attribute names that themselves make up a language. This gives it its flexibility and extensibility, since users of XML can define their own XML-based markup languages. XML documents are used for two main purposes. The first matches the traditional use of the term "document", where XML is used to mark up a textual document in a way that pro-vides meaning in addition to the text in the document. The second, and greater use in e-Government, is to use XML to mark up data being transferred between computer systems. This allows loose coupling between systems, maintaining the independence of the systems themselves.
Categories Data Message Formatting
Classification Adopted
Usage Guidance XML is the preferred means of formatting data for transfer between systems. Where possi-ble, an existing XML language should be used for such transfers. Examples of suitable languages are the Extensible Business Reporting Language (XBRL) for business reporting and the Election Markup Language (EML) for information about electors and elections.
References Title URL
XML v1.0 Recommendation (4th Edition)
http://www.w3.org/TR/xml
Wikipedia http://en.wikipedia.org/wiki/XML
Related TTGOV Documents
Rationale for Selection XML is widely used and supported for data integration. It is a W3C Recommendation and ISO standard.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 87
Data Message Definition
3.64 XML Schema
Description XML Schema, published as a W3C recommendation in May 2001, is one of several XML schema languages. XML Schema can be used to express a set of rules to which an XML document must conform in order to be considered "valid" according to that schema. These rules concern the names, cardinality and ordering of the elements used in the XML docu-ment, the names of its attributes and the data types used. An XML schema complying with the Recommendation may be modular, allowing re-use of parts of schemas.
Categories Data Message Definition
Classification Adopted
Usage Guidance XML Schema is the main schema language to be used within TTGOV. Other schema lan-guages may be used to supplement this as described in the e-GIF.
References Title URL
XML Schema Part 0: Primer http://www.w3.org/TR/xmlschema-0/
XML Schema Part 1: Struc-tures
http://www.w3.org/TR/xmlschema-1/
XML Schema Part 2: Datatypes
http://www.w3.org/TR/xmlschema-2/
Wikipedia http://en.wikipedia.org/wiki/XML_Schema_(W3C)
Related TTGOV Documents
Rationale for Selection W3C XML Schema is a W3C Recommendation and the most widely supported schema language for XML.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 88
Data Transformation
3.65 XSLT v1.0
Description Extensible Stylesheet Language Transformations (XSLT) is a W3C Recommendation for an XMLbased language used for the transformation of XML documents into other XML or "humanreadable" documents. The new document may be serialized (output) by the pro-cessor in XML syntax or in another format, such as HTML or plain text. XSLT is most often used to convert data between different XML languages, to convert XML data into HTML or XHTML documents for web pages, or as part of XSL to transform an XML document prior to formatting it into a non-XML language such as PDF.
Categories Data Transformation
Website Presentation
Classification Adopted
Usage Guidance XSLT v1.0 should be used to transform XML when the XSLT processor being used does not support XSLT v2.0 or its capabilities are not known. Although recent web browsers support XSLT, allowing rendering of XML using XSLT on the client system, support is not universal and should not be assumed outside an intranet environment.
References Title URL
W3C Recommendation http://www.w3.org/TR/xslt
Wikipedia http://en.wikipedia.org/wiki/Xslt
Related TTGOV Documents
Rationale for Selection XSLT is a W3C Recommendation. Version 1.0 is widely supported by application software and tools.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 89
3.66 XSLT v2.0
Description Extensible Stylesheet Language Transformations (XSLT) is a W3C Recommendation for an XMLbased language used for the transformation of XML documents into other XML or "humanreadable" documents. The new document may be serialized (output) by the pro-cessor in XML syntax or in another format, such as HTML or plain text. XSLT is most often used to convert data between different XML languages, to convert XML data into HTML or XHTML documents for web pages, or as part of XSL to transform an XML document prior to formatting it into a non-XML language such as PDF. Version 2.0 of the Recommendation is more powerful than version 1.0 and includes sup-port for data typing.
Categories Data Transformation
Website Presentation
Classification Adopted
Usage Guidance XSLT should be used to transform XML when the features of XSLT v1.0 are not sufficiently powerful and it is known that any XSLT processor that might be used to perform the trans-formation supports version 2.0. XSLT v2.0 should not be used for client side processing in a browser.
References Title URL
W3C Recommendation http://www.w3.org/TR/xslt
Wikipedia http://en.wikipedia.org/wiki/Xslt
Related TTGOV Documents
Rationale for Selection XSLT is a W3C Recommendation. Version 2.0 is more powerful than version 1.0, but less widely supported.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 90
3.67 Microsoft Excel 2010 (.xlsx)
Description Microsoft Excel is a non-free commercial spreadsheet application. It features calculation, graphing tools, pivot tables and a macro programming language called Visual Basic for Applications
Categories Spreadsheet File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a document may not have support for the format specified it may be necessary the save the format to the older version (.xls).
References
Related TTGOV Documents
Rationale for Selection This is the format should be used in Government. By exchanging documents in their native format, additional information, such as macros, is preserved.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 91
3.68 Microsoft PowerPoint 2010 (.pptx)
Description Microsoft PowerPoint 2010 is a non-free commercial presentation program that is used within TTGOV
Categories Presentation File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a document may not have support for the format specified it may be necessary the save the format to the older version (.ppt).
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, such as slide transitions, is preserved.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 92
3.69 Microsoft Project 2010 (.mpp)
Description Microsoft Project 2003 is the project management software used within TTGOV. It uses a proprietary file format.
Categories Project Plan File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. This version of the application carries the same format as it predecessors.
References
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 93
3.70 Microsoft Word 2010 (.docx)
Description Microsoft Word 2010 is the word processor used within TTGOV. It uses a proprietary file format.
Categories Word Processor Document File Type
Classification Adopted
Usage Guidance Microsoft's native format may be used for exchanging documents within TTGOV, and by agreement with other parties. It should not be used when making documents available on the Internet, where PDF and HTML are the preferred formats. Note that the recipient of a document may not have support for the format specified it may be necessary the save the format to the older version (.doc).
References
Related TTGOV Documents
Rationale for Selection This is the format currently used within Government. By exchanging documents in their native format, additional information, is preserved.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 94
4 Application / Presentation This category includes standards for applications and presentation, including those for VOIP, data modelling
and email.
Only the basic VOIP standards have been included. Further standards should be added when they are re-quired for a specific VOIP
project and detailed investigation is undertaken.
Standards in this Section
Data Modelling
4.1 UML v2.3
Description The Unified Modeling Language (UML) is a graphical language for visualizing, specifying and constructing the artefacts of distributed object systems. UML offers a standard way to write a system's blueprints, including conceptual things such as business processes and system functions as well as concrete things such as programming language statements, database schemas, and reusable software components. UML is officially defined by the Object Management Group (OMG).
Categories Data Modelling
Classification Adopted
Usage Guidance UML should be used for modelling systems.
References Title URL
OMG UML Resource Page http://www.omg.org/spec/UML/2.3
Wikipedia http://en.wikipedia.org/wiki/Unified_Modeling_Language
Related TTGOV Documents
Rationale for Selection UML is a mature standard that is widely used for modelling object-oriented systems.
Applicability G2C G2B G2G
Last Changed May 2010
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 95
4.2 XMI v2.1.1
Description XML Metadata Interchange (XMI) is an OMG specification for exchanging metadata infor-mation using XML. The most common use of XMI is as an interchange format for UML models, although it can also be used for serialization of models of other languages.
Categories Data Modelling
Classification Adopted
Usage Guidance XMI should be used for the interchange of UML models.
References Title URL
OMG Specification http://www.omg.org/technology/documents/formal/xmi.htm
Wikipedia http://en.wikipedia.org/wiki/XMI
Related TTGOV Documents
Rationale for Selection XMI is the standard format for exchanging UML models.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 96
4.3 IMAP v4
Description The Internet Message Access Protocol version 4 (IMAP4) is a standard protocol for man-aging and retrieving e-mail from a remote server over a TCP/IP connection. POP3 and IMAP4 (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Most modern e-mail clients and servers support both. Where-as POP3 clients generally retrieve messages from the server and then delete the server copies (there is an option to leave copies on the server), and IMAP client will usually re-quire explicit authorisation from the user to delete the messages. This makes it especially suitable for webmail systems.
Categories Email
Classification Adopted
Usage Guidance IMAP should be used in preference to POP3 if a webmail service is being provided or if several users are sharing a mailbox. Otherwise, either protocol may be used.
References Title URL
Specification http://tools.ietf.org/html/rfc3501
Related TTGOV Documents
Rationale for Selection IMAP is very commonly used for the management of remote mailboxes and is supported by all major email packages.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 97
4.4 MIME
Description Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the for-mat of email to support text in character sets other than ASCII, non-text attachments, mes-sage bodies with multiple parts and header information in non-ASCII character sets. The content types defined by MIME standards are also of importance outside of e-mail, such as in communication protocols like HTTP for the World Wide Web. HTTP requires that data be transmitted in the context of e-mail-like messages, even though the data may not actually be e-mail.
Categories Email
Classification Adopted
Usage Guidance MIME should be used to extend the functionality of e-mail and for other purposes where it is specified as the required format.
References Title URL
RFC 2045 http://tools.ietf.org/html/rfc2045.txt
RFC 2046 http://tools.ietf.org/html/rfc2046.txt
RFC 2047 http://tools.ietf.org/html/rfc2047.txt
RFC 4288 http://tools.ietf.org/html/rfc4288.txt
RFC 4289 http://tools.ietf.org/html/rfc4289.txt
RFC 2077 http://tools.ietf.org/html/rfc2077.txt
Related TTGOV Documents
Rationale for Selection MIME is the global standard for Internet mail extensions and is universally supported by email software
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 98
4.5 POP3
Description The Post Office Protocol version 3 (POP3) is a standard protocol for retrieving e-mail from a remote server over a TCP/IP connection. POP3 and IMAP4 (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Most modern e-mail clients and servers support both. POP3 is defined in a set of nine RFCs. The reference below is to the specification of the POP3 protocol itself.
Categories Email
Classification Adopted
Usage Guidance Either POP3 or IMAP can be used to collect email. Both should be offered on a server.
References Title URL
Specification http://tools.ietf.org/html/rfc1939
Related TTGOV Documents
Rationale for Selection POP3 is very commonly used for retrieving mail and is supported by all major email pack-ages.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 99
4.6 S/MIME
Description Secure / Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key en-cryption and signing of e-mail encapsulated in MIME. It is supported by most modern email applications.
Categories Email
Classification Adopted
Usage Guidance S/MIME should be used for messaging where security is required. It is not suitable for use with webmail systems, and so should not generally be used for communication with the public.
References Title URL
RFC 3369 http://tools.ietf.org/html/rfc3369.txt
RFC 2631 http://tools.ietf.org/html/rfc2631.txt
RFC 2632 http://tools.ietf.org/html/rfc2632.txt
RFC 2633 http://tools.ietf.org/html/rfc2633.txt
Related TTGOV Documents
Rationale for Selection S/MIME is a mature standard, widely supported by email applications.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 100
4.7 SMTP
Description Simple Mail Transfer Protocol (SMTP) is a de facto standard for electronic mail (e-mail) transmissions across the Internet. The protocol in widespread use today is defined in RFC 5321. While electronic mail server software uses SMTP to send and receive mail messages, us-er-level client mail applications typically only use SMTP for sending messages to a mail server for relaying. For receiving messages, client applications usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) to access their mail box accounts on a mail server.
Categories Email
Classification Adopted
Usage Guidance SMTP should be used for sending mail unless a webmail system is being used.
References Title URL
RFC 5321 http://www.ietf.org/rfc/rfc5321.txt
Wikipedia http://en.wikipedia.org/wiki/Smtp
Related TTGOV Documents
Rationale for Selection SMTP is a mature standard, widely supported by email applications.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 101
Website Presentation
4.8 AJAX
Description Asynchronous JavaScript and XML (AJAX) is not a standard in itself but a term used to describe a programming technique used for creating interactive web applications or rich Internet applications. With Ajax, web applications can retrieve data from the server asyn-chronously in the background without interfering with the display and behavior of the exist-ing page. Data is retrieved using the XMLHttpRequest object or through the use of Remote Scripting in browsers that do not support it. In spite of its name, AJAX does not require the use of JavaScript; other client-side languages can be used.
Categories Website Presentation
Classification Adopted
Usage Guidance AJAX is a powerful technique for asynchronous retrieval of XML documents. It should be used in preference to synchronous techniques that effectively lock up the browser for the period while the document is being retrieved.
References Title URL
The XMLHttpRequest Object http://www.w3.org/TR/2008/WD-XMLHttpRequest-20080415/
Wikipedia http://en.wikipedia.org/wiki/Ajax_(programming)
Related TTGOV Documents
Rationale for Selection AES is a more secure replacement for DES and 3DES.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 102
4.9 CSS Level 2 (CSS2)
Description Cascading Style Sheets (CSS) is a stylesheet language used to describe the presentation of a document written in a markup language. Its most common application is to style web pages written in HTML and XHTML. It is designed primarily to enable the separation of document content (written in HTML or a similar markup language) from document presen-tation (written in CSS). This separation can improve content accessibility, provide more flexibility and control in the specification of presentation characteristics, help ensure a common "look and feel" across a web site. CSS2 is a W3C Recommendation. The W3C is currently working on a revision to CSS2 (CSS2.1), which corrects many errors and omis-sions in the CSS2 specification. The status of this should be monitored.
Categories Website Presentation
Classification Adopted
Usage Guidance CSS can provide commonality of appearance across multiple web pages, and so its use is encouraged for styling HTML. Web developers should restrict themselves to the features of CSS that are implemented across the major browser platforms. CSS should not be used to style XML directly, where XSL provides far greater flexibility. It may be used in conjunction with XSLT to style the HTML or XHTML output of an XSLT transformation
References Title URL
CSS2 Recommendation http://www.w3.org/TR/CSS2/
CSS2.1 Candidate Recom-mendation
http://www.w3.org/TR/CSS21/
Wikipedia http://en.wikipedia.org/wiki/Cascading_Style_Sheets
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 103
4.10 CSS Level 3 (CSS3)
Description Cascading Style Sheets (CSS) is a stylesheet language used to describe the presentation of a document written in a markup language. Its most common application is to style web pages written in HTML and XHTML. It is designed primarily to enable the separation of document content (written in HTML or a similar markup language) from document presen-tation (written in CSS). This separation can improve content accessibility, provide more flexibility and control in the specification of presentation characteristics, help ensure a common "look and feel" across a web site. CSS3 modularises the specification. It has not yet reached Recommendation status at the W3C and there is little support for it in current browsers.
Categories Website Presentation
Classification Under Observation
Usage Guidance CSS Level 3 features can be used once the party understands that older browsers may not render it correctly.
References Title URL
Introduction to CSS3 http://www.w3.org/TR/css3-roadmap/
Wikipedia http://en.wikipedia.org/wiki/Cascading_Style_Sheets
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 104
4.11 XSLT v1.0
Description Extensible Stylesheet Language Transformations (XSLT) is a W3C Recommendation for an XMLbased language used for the transformation of XML documents into other XML or "humanreadable" documents. The new document may be serialized (output) by the pro-cessor in XML syntax or in another format, such as HTML or plain text. XSLT is most often used to convert data between different XML languages, to convert XML data into HTML or XHTML documents for web pages, or as part of XSL to transform an XML document prior to formatting it into a non-XML language such as PDF.
Categories Data Transformation
Website Presentation
Classification Adopted
Usage Guidance XSLT v1.0 should be used to transform XML when the XSLT processor being used does not support XSLT v2.0 or its capabilities are not known. Although recent web browsers support XSLT, allowing rendering of XML using XSLT on the client system, support is not universal and should not be assumed outside an intranet environment.
References Title URL
W3C Recommendation http://www.w3.org/TR/xslt
Wikipedia http://en.wikipedia.org/wiki/Xslt
Related TTGOV Documents
Rationale for Selection XSLT is a W3C Recommendation. Version 1.0 is widely supported by application software and tools.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 105
4.12 XSLT v2.0
Description Extensible Stylesheet Language Transformations (XSLT) is a W3C Recommendation for an XMLbased language used for the transformation of XML documents into other XML or "humanreadable" documents. The new document may be serialized (output) by the pro-cessor in XML syntax or in another format, such as HTML or plain text. XSLT is most often used to convert data between different XML languages, to convert XML data into HTML or XHTML documents for web pages, or as part of XSL to transform an XML document prior to formatting it into a non-XML language such as PDF. Version 2.0 of the Recommendation is more powerful than version 1.0 and includes sup-port for data typing.
Categories Data Transformation
Website Presentation
Classification Adopted
Usage Guidance XSLT should be used to transform XML when the features of XSLT v1.0 are not sufficiently powerful and it is known that any XSLT processor that might be used to perform the trans-formation supports version 2.0. XSLT v2.0 should not be used for client side processing in a browser.
References Title URL
W3C Recommendation http://www.w3.org/TR/xslt
Wikipedia http://en.wikipedia.org/wiki/Xslt
Related TTGOV Documents
Rationale for Selection XSLT is a W3C Recommendation. Version 2.0 is more powerful than version 1.0, but less widely supported.
Applicability G2C G2B G2G
Last Changed 15 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 106
Content Syndication
4.13 ATOM
Description ATOM was developed as an alternative to RSS in response to several perceived problems in the RSS specification.
Categories Content Syndication
Classification Adopted
Usage Guidance If ATOM feeds are offered, they should be in addition to RSS.
References Title URL
Atom Syndication Format http://www.ietf.org/rfc/rfc4287.txt
Wikipedia http://en.wikipedia.org/wiki/Atom_(standard)
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 24 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 107
4.14 RSS v2.0
Description RSS is a family of Web feed formats used to publish frequently updated works such as news headlines in a standardized format. Web feeds let publishers syndicate content quickly and automatically. Readers can see the feeds in a variety of browser-based or desktop tools, and so keep up to date with changing content on a web site.
Categories Content Syndication
Classification Adopted
Usage Guidance RSS can be used where it is desirable to allow people to automate collection of summary data from a web site when the data changes. RSS has been through several versions, and is not controlled by a format specification authority. Version 2.0 is widely implemented.
References Title URL
RSS v2.0 specification http://www.rssboard.org/rss-specification
RSS Advisory Board http://www.rssboard.org/
Wikipedia http://en.wikipedia.org/wiki/Rss
Related TTGOV Documents
Rationale for Selection Although ATOM provides additional functionality and has the support of the IETF, RSS v2.0 is still widely used on the Internet.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 108
Voice over IP (VOIP)
4.15 RTP
Description Real Time Protocol (RTP) provides end-to-end network transport functions suitable for ap-plications transmitting real-time data, such as audio, video or simulation data, over mul-ticast or unicast network services. It is widely used for VOIP traffic.
Categories Voice over IP (VOIP)
Video Conferencing
Classification Under Observation
Usage Guidance RTP should be used to transport VOIP data.
References Title URL
Specification http://tools.ietf.org/html/rfc3550.txt
Wikipedia http://en.wikipedia.org/wiki/Real-time_Transport_Protocol
Related TTGOV Documents
Rationale for Selection RTP is the dominant transport protocol for VOIP systems
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 109
4.16 SIP
Description Session Initiation Protocol (SIP) is a protocol for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice and instant messaging.
Categories Voice over IP (VOIP)
Video Conferencing
Classification Under Observation
Usage Guidance SIP should be used to start and end VOIP sessions.
References Title URL
Specification http://www.ietf.org/rfc/rfc3261.txt
Wikipedia http://en.wikipedia.org/wiki/Session_Initiation_Protocol
Related TTGOV Documents
Rationale for Selection SIP is the dominant protocol for starting and stopping VOIP sessions.
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 110
Remote Authoring
4.17 Frame Relay
Description Frame relay is an data transmission protocol used to send digital information. It is a mes-sage forwarding "relay race" like system in which data packets, called frames, are passed from one or many start-points to one or many destinations via a series of intermediate node points. Frame relay is being replaced by other protocols such as xDSL.
Categories Remote Authoring
Classification Deprecated
Usage Guidance Frame relay should not generally be used as the primary protocol for new networks.
References Title URL
Core Aspects of Frame Protocol for Use with Frame Relay Bearer Service
http://webstore.ansi.org/RecordDetail.aspx?sku=T1.618-1991(R2008)
Wikipedia http://en.wikipedia.org/wiki/Frame_relay
Related TTGOV Documents
Rationale for Selection Frame relay is a mature technology that is still in use in the T&T public sector.
Applicability G2C G2B G2G
Last Changed 19 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 111
4.18 WebDAV
Description WebDAV is an abbreviation of Web Distributed Authoring and Versioning and is an exten-sion to HTTP v1.1 that allows users to collaboratively edit and manage files on remote World Wide Web servers.
Categories Remote Authoring
Classification Under Observation
Usage Guidance
References Title URL
Specification http://www.ietf.org/rfc/rfc2518.txt
Wikipedia http://en.wikipedia.org/wiki/Portable_Network_Graphics
Related TTGOV Documents
Rationale for Selection WebDAV is a well-used, mature standard.
Applicability G2C G2B G2G
Last Changed 18 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 112
Terminal Access
4.19 Secure Shell
Description Secure Shell (SSH) is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for TELNET and other in-secure remote shells, which sent information, notably passwords, in plaintext, leaving them open for interception. The encryption used by SSH provides confidentiality and integrity of data over an insecure network, such as the Internet.
Categories Terminal Access
Classification Adopted
Usage Guidance SSH may be used by agreement between the parties involved. Since SSH-1 has inherent design flaws which make it vulnerable to man-in-the-middle attacks, fallback to SSH-1 should be disabled.
References Title URL
Specification http://tools.ietf.org/html/rfc4252.txt
Wikipedia http://en.wikipedia.org/wiki/Secure_Shell
Related TTGOV Documents
Rationale for Selection SSH is a mature standard, the inclusion of which was requested by Ministry of Health.
Applicability G2C G2B G2G
Last Changed 18 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 113
4.20 Telnet
Description Telnet is a network protocol used on the Internet or local area network (LAN) connections. Typically, Telnet provides access to a command-line interface on a remote Unix or Linux machine.
Categories Terminal Access
Classification Deprecated
Usage Guidance Telnet may be used by agreement between the parties involved. It has no security, so any sensitive information (such as passwords) should only be sent over a secure network. Se-cure Shell provides a secure alternative to Telnet and should be used in new implementa-tions.
References Title URL
Specification http://tools.ietf.org/html/rfc4252.txt
Wikipedia http://en.wikipedia.org/wiki/Telnet
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 18 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 114
Video Conferencing
4.21 H.323
Description H.323 is a Recommendation from the ITU that defines the protocols to provide audio-visual communication sessions on networks without guaranteed Quality of Service (QoS).. It is widely implemented by voice and videoconferencing equipment manufacturers and is wide-ly deployed worldwide by service providers and enterprises for both voice and video ser-vices over Internet Protocol (IP) networks. H.323 makes reference to many other ITU standards (such as G.722 for audio coding and H.261 for video coding), which are not necessarily listed separately here since equipment complying with H.323 must comply with these by definition.
Categories Video Conferencing
Classification Adopted
Usage Guidance Equipment conforming to H.323 should be used for video conferencing.
References Title URL
ITU Specification http://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-H.323-200606-I!!PDF-E&type=items
Wikipedia http://en.wikipedia.org/wiki/H.323
Related TTGOV Documents
Rationale for Selection H.323 is a widely used, mature standard.
Applicability G2C G2B G2G
Last Changed 21 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 115
4.22 RTCP
Description The RTP Control Protocol (RTCP) is a sister protocol of the Real-time Transport Protocol (RTP). It is defined in IETF RFC 3550. RTCP provides out-of-band control information for an RTP flow. It partners RTP in the delivery and packaging of multimedia data, but does not transport any data itself. It is used periodically to transmit control packets to partici-pants in a streaming multimedia session. It can be used to provide lip-sync in video confer-encing applications.
Categories Video Conferencing
Classification Adopted
Usage Guidance RTCP is likely to be used within a video conferencing system to help provide lip-sync be-tween audio and video.
References Title URL
Specification http://www.ietf.org/rfc/rfc3550.txt
Wikipedia http://en.wikipedia.org/wiki/RTCP
Related TTGOV Documents
Rationale for Selection RTCP is a widely used, mature standard.
Applicability G2C G2B G2G
Last Changed 21 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 116
4.23 RTP
Description Real Time Protocol (RTP) provides end-to-end network transport functions suitable for ap-plications transmitting real-time data, such as audio, video or simulation data, over mul-ticast or unicast network services. It is widely used for VOIP traffic.
Categories Voice over IP (VOIP)
Video Conferencing
Classification Under Observation
Usage Guidance RTP should be used to transport VOIP data.
References Title URL
Specification http://tools.ietf.org/html/rfc3550.txt
Wikipedia http://en.wikipedia.org/wiki/Real-time_Transport_Protocol
Related TTGOV Documents
Rationale for Selection RTP is the dominant transport protocol for VOIP systems
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 117
4.24 SIP
Description Session Initiation Protocol (SIP) is a protocol for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice and instant messaging.
Categories Voice over IP (VOIP)
Video Conferencing
Classification Under Observation
Usage Guidance SIP should be used to start and end VOIP sessions.
References Title URL
Specification http://www.ietf.org/rfc/rfc3261.txt
Wikipedia http://en.wikipedia.org/wiki/Session_Initiation_Protocol
Related TTGOV Documents
Rationale for Selection SIP is the dominant protocol for starting and stopping VOIP sessions.
Applicability G2C G2B G2G
Last Changed 14 November 2008
Next Review Date June 2013
5 Security
This category includes standards to enable secure access to public sector information and secure exchange of information. The standards covered are aimed at ensuring that information cannot be intercepted, that the receiver of the information can identify the sender and detect whether the information has been tampered with, and that the sender cannot validly claim that the information has been modified by the receiver (non-repudiation).
Many insecure protocols have secure equivalents or additional privacy layers that can be added. For exam-ple, HTTP and FTP can be used with SSL or TSL, SMTP email can be used with PGP and SSH can be used instead of Telnet.
Standards in this Section
XML Data Message Encryption
e-Government Omnibus Technical Standards
Confidential Page 118
5.1 XML Encryption
Description XML Encryption is a W3C Recommendation that defines how to encrypt the content of ar-bitrary data (including an XML document), an XML element, or XML element content, and represent the result in XML.
Categories XML Data Message Encryption
Classification Adopted
Usage Guidance XML Encryption can be used wherever the result of encryption is to be represented in an XML document. It has features that make it particularly suitable where the document being encrypted (or parts of which are being encrypted) is also XML.
References Title URL
W3C Recommendation http://www.w3.org/TR/xmlenc-core/
Wikipedia http://en.wikipedia.org/wiki/XML_Encryption
Related TTGOV Documents
Rationale for Selection XML Encryption is the W3C Recommendation for this task and has achieved widespread usage.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 119
5.2 X.509
Description X.509 is an ITU-T standard for a public key infrastructure (PKI) for single sign-on and Privi-lege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
Categories XML Data Message Signing
Classification Adopted
Usage Guidance X.509 should be used when establishing a public key infrastructure.
References Title URL
Specifications http://www.itu.int/rec/T-REC-X.509/en
Wikipedia http://en.wikipedia.org/wiki/X.509
Related TTGOV Documents
Title URL
National Policy on Electronic Transactions
Rationale for Selection X.509 is the widely adopted standard for public key infrastructures.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 120
5.3 XML Signature
Description XML Signature is a W3C recommendation that defines an XML syntax for digital signa-tures. It is used by various Web technologies such as SOAP, SAML, and others. XML signatures can be used to sign data of any type, typically XML documents or ele-ments within XML documents, but anything that is accessible via a URL can be signed. An XML signature used to sign a resource outside its containing XML document is called a detached signature; if it is used to sign some part of its containing document, it is called an enveloped signature; if it contains the signed data within itself it is called an enveloping signature. Because an XML document is defined in terms of an object model but signatures operate on a bitstream, it is important that a canonical form of a document is signed. For this rea-son, XML documents are usually processed into a canonical form using the W3C's Canon-ical XML Recommendation before the signature is calculated and when checking that the signed document has not been modified.
Categories XML Data Message Signing
Classification Adopted
Usage Guidance XML Signature should be used wherever a digital signature is to be included in an XML document. Normally, XML canonicalisation should also be used to ensure that the signed document is correctly interpreted on receipt.
References Title URL
XML Signature Syntax and Processing (Second Edition)
http://www.w3.org/TR/xmldsig-core/
Canonical XML Version 1.1 http://www.w3.org/TR/xml-c14n11/
Wikipedia http://en.wikipedia.org/wiki/XML_Signature
Related TTGOV Documents
Title URL
National Policy on Electronic Transactions
Rationale for Selection XML Signature and Canonical XML are the W3C Recommendations for this task and have
achieved widespread usage.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 121
SOA Security
5.4 Kerberos v4
Description Kerberos is a computer network authentication protocol, which allows individuals com-municating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client-server model, and it provides mutual au-thentication - both the user and the server verify each other's identity. Kerberos operates through the issue of "tickets", each of which is valid for a limited time. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Categories SOA Security
Classification Withdrawn or Rejected
Usage Guidance Kerberos v4 has security issues and must not be used.
References Title URL
Specification http://tools.ietf.org/html/rfc1731.txt
Wikipedia http://en.wikipedia.org/wiki/Kerberos_(protocol)
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 122
5.5 Kerberos v5
Description Kerberos is a computer network authentication protocol, which allows individuals com-municating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client-server model, and it provides mutual au-thentication - both the user and he server verify each other's identity. Kerberos operates through the issue of "tickets", each of which is valid for a limited time. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Categories SOA Security
Classification Adopted
Usage Guidance Kerberos v5 can be used when both a user and a server need to authenticate each other, and that authentication can be valid for a limited time period. It can be used to secure web services and as part of a public key infrastructure for the exchange of X.509 certificates
References Title URL
Specification http://tools.ietf.org/html/rfc4120.txt
Advanced Encryption Standard (AES) Encryption for Kerberos 5
http://tools.ietf.org/html/rfc3962
Wikipedia http://en.wikipedia.org/wiki/Kerberos_(protocol)
Related TTGOV Documents
Rationale for Selection Kerberos is commonly used to secure web services and for the exchange of X.509 certifi-cates. Version 5 is thought to be secure and is supported by major software vendors.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 123
5.6 SAML v2.0
Description Security Assertion Markup Language (SAML) is an OASIS standard for exchanging au-thentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). The main aim of SAML is to solve the single sign-on problem. In Government terms, this means that a citizen could sign onto a Government service and then use other services without repeatedly having to repeat the sign-on process.
Categories SOA Security
Classification Under Observation
Usage Guidance SAML should be used as part of the development of a citizen-focused web infrastructure.
References Title URL
Specification http://www.oasis-open.org/specs/#samlv2.0
Related TTGOV Documents
Rationale for Selection SAML is an OASIS standard and is widely used for passing authentication information be-tween cooperating web sites.
Applicability G2C G2B G2G
Last Changed 16 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 124
5.7 WS-Federation v1.2
Description The Web Services Federation specification is another component of the Web Services Se-curity model that defines mechanisms to allow different security realms to federate by al-lowing and brokering trust of identities, attributes, authentication between participating Web services. The mechanisms defined in this specification can be used by passive and active requestors. The Web service requestors are assumed to understand the new security mechanisms and be capable of interacting with Web service providers.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/wsfed/federation/v1.2/ws-federation.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Federation
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 125
5.8 WS-SecureConversation v1.4
Description Web Services Secure Conversation is an OASIS specification for a language built on top of the WSS and WSPolicy and WS-Trust to allow sharing security contexts. WSS focuses on the message authentication model but not a security context, and thus is subject several forms of security attacks. This specification defines mechanisms for establishing and shar-ing security contexts, and deriving keys from security contexts, to enable a secure conver-sation.
Categories SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-secureconversation/v1.4/ws-secureconversation.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecureConversation
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 02 February 2009
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 126
5.9 WS-Security v1.1
Description WS-Security is an OASIS standard communications protocol providing a means for apply-ing end-to- end security to Web services. The protocol contains specifications on how in-tegrity and confidentiality can be enforced on Web services messaging. The WSS protocol includes details on the use of SAML and Kerberos, and certificate formats such as X.509.
Categories SOA Security
Classification Under Observation
Usage Guidance WS-Security should be used to provide end-to-end security of web services where this is required.
References Title URL
OASIS Specification http://www.oasis-open.org/specs/#wssv1.1
Wikipedia http://en.wikipedia.org/wiki/WS-Security
Related TTGOV Documents
Rationale for Selection WS-Security is an OASIS standard and is universally used to provide end-to-end security of SOAP based web services.
Applicability G2C G2B G2G
Last Changed 17 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 127
5.10 WS-SecurityPolicy v1.2
Description The Web Services Security Policy language defines a model and syntax to describe and communicate security policy assertions within the larger policy framework. It covers asser-tions for security tokens, data integrity, confidentiality, visibility, security headers, and the age of a message.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecurityPolicy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 128
5.11 WS-Trust v1.4
Description The OASIS WS-Trust language uses the base mechanisms from WSS and defines addi-tional primitives and extensions for security token exchange to enable the issuance and dissemination of credentials within different trust domains. In order to secure a communication between two parties, the two parties must exchange security credentials (either directly or indirectly). However, each party needs to determine if they can "trust" the asserted credentials of the other party. This specification defines ex-tensions to WS-Security for issuing and exchanging security tokens and ways to establish and access the presence of trust relationships. Using these extensions, applications can engage in secure communication designed to work with the general Web Services frame-work, including WSDL service descriptions, UDDI businessServices and bindingTemplates, and SOAP messages.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/ws-trust.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecurityPolicy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 02 October 2009
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 129
5.12 WSS v1.1
Description The OASIS Web Services Security (WSS, formerly WS-Security) specification describes extensions to SOAP to apply security to web services. This includes, but is not limited to, message authentication, message integrity, and message confidentiality. The specified mechanisms can be used to accommodate a wide variety of security models and encryp-tion technologies. It also provides a general-purpose mechanism for associating security tokens with message content. The WSS protocol includes details on the use of SAML and Kerberos, and certificate formats such as X.509. It also describes how to attach signatures and encryption headers to SOAP messages.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Link to Specifications http://www.oasis-open.org/specs/index.php#wss
Wikipedia http://en.wikipedia.org/wiki/WS-Security
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 130
5.13 XACML
Description The Extensible Access Control Markup Language (XACML) is an OASIS standard for a declarative access control policy language implemented in XML, and a processing model describing how to interpret the policies.
Categories SOA Security
Classification Adopted
Usage Guidance XACML should be used as part of the development of a citizen-focused web infrastructure.
References Title URL
OASIS Specification http://www.oasis-open.org/specs/#xacmlv2.0
Wikipedia http://en.wikipedia.org/wiki/Xacml
Related TTGOV Documents
Rationale for Selection XACML is an OASIS standard and is widely used with SAML and other standards to build a Public Key Infrastructure.
Applicability G2C G2B G2G
Last Changed 17 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 131
Hashing Algorithms for Digital Signatures
5.14 SHA-1
Description The Secure Hash Algorithm (SHA) series is a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal In-formation Processing Standard. The five algorithms are denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. The latter four variants are sometimes collectively referred to as SHA-2. SHA-1 produces a message digest that is 160 bits long. SHA-1 is the best es-tablished of the existing SHA hash functions, and is employed in several widely used secu-rity applications and protocols. In 2005, security flaws were identified in SHA-1, namely that a possible mathematical weakness might exist, indicating that a stronger hash function would be desirable.
Categories Hashing Algorithms for Digital Signatures
Classification Deprecated
Usage Guidance SHA-256 or SHA-512 should be used in preference to SHA-1 because of the security is-sues. SHA-1 should be supported for interface to legacy systems.
References Title URL
Specification http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
Wikipedia http://en.wikipedia.org/wiki/SHA
Related TTGOV Documents
Rationale for Selection The SHA hashing algorithms are widely used and have good software support. Although stronger algorithms exist (such as SHA-256 and SHA-512), SHA-1 is still widely supported and so systems should support this for use where stronger hashing is not available.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 132
5.15 SHA-256
Description The Secure Hash Algorithm (SHA) series is a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal In-formation Processing Standard. The five algorithms are denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. The latter four variants are sometimes collectively referred to as SHA-2. SHA-256 produces a message digest that is 256 bits long.
Categories Hashing Algorithms for Digital Signatures
Classification Under Observation
Usage Guidance Where possible, SHA-256 or SHA-512 should be used in preference to SHA-1.
References Title URL
Specification http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
Wikipedia http://en.wikipedia.org/wiki/SHA
Related TTGOV Documents
Rationale for Selection The SHA hashing algorithms are widely used and have good software support. SHA-256 provides a more secure algorithm than the more widely used SHA-1.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 133
5.16 SHA-512
Description The Secure Hash Algorithm (SHA) series is a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal In-formation Processing Standard. The five algorithms are denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. The latter four variants are sometimes collectively referred to as SHA-2. SHA-512 produces a message digest that is 512 bits long.
Categories Hashing Algorithms for Digital Signatures
Classification Under Observation
Usage Guidance Where possible, SHA-256 or SHA-512 should be used in preference to SHA-1.
References Title URL
Specification http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
Wikipedia http://en.wikipedia.org/wiki/SHA
Related TTGOV Documents
Rationale for Selection The SHA hashing algorithms are widely used and have good software support. SHA-512 provides the strongest algorithm of the versions that are currently available.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 134
Digital Signature Algorithm
5.17 DSA
Description The Digital Signature Algorithm (DSA) is a United States Federal Government standard for digital signatures. DSA is covered by a U.S. Patent. This patent has been made available world-wide royalty-free.
Categories Digital Signature Algorithm
Classification Under Observation
Usage Guidance DSA may be used for digital signatures.
References Title URL
Specification http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
Wikipedia http://en.wikipedia.org/wiki/Digital_Signature_Algorithm
Related TTGOV Documents
Rationale for Selection DSA is a mature standard, widely supported by software and widely used.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 135
IP Network Level Security
5.18 IPsec
Description Internet Protocol Security (IPsec) is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. IP-sec also includes protocols for cryptographic key establishment. Unlike most encryption protocols, IPsec operates at the network layer. The effect of this is that applications do not need to be aware of the underlying security. IPsec is described in RFC 4301 "Security Ar-chitecture for the Internet Protocol" and RFC 4309 "Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)".
Categories IP Network Level Security
Classification Adopted
Usage Guidance IPsec can be used to secure virtual private networks (VPNs).
References Title URL
RFC 4301 http://tools.ietf.org/html/rfc4301.txt
RFC 4309 http://tools.ietf.org/html/rfc4309.txt
Related TTGOV Documents
Rationale for Selection IPsec is the only standard available for IP-level security. It is a mandatory part of IPv6 and is well supported for IPv4.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 136
Transport Level Security
5.19 FTPS
Description Strictly speaking, FTPS is not a separate protocol, but refers to the combination of a nor-mal FTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. It provides a layer of encryption of the data being transmitted. FTPS should be when you have a server that needs to be accessed from personal devices (smartphones, PDAs, and the like) or from some specific operating systems that have FTP support but don't have SSH/SFTP clients. If you are building a custom security solution, SFTP is probably the better option.
Categories File Transfer Transport Level Security
Classification Adopted
Usage Guidance Either FTPS or SFTP should be considered where encryption is required for an FTP con-nection.
References Title URL
FTP Specification http://www.ietf.org/rfc/rfc959.txt
SSL Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS Specification http://www.ietf.org/rfc/rfc2246.txt
RFC "Securing FTP with TLS"
http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Ftps
What to Choose http://www.codeguru.com/csharp/.net/net_general/internet/article.php/c14329
Related TTGOV Documents
Rationale for Selection FTPS is a widely used, mature, protocol.
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 137
5.20 HTTPS
Description Strictly speaking, HTTPS is not a separate protocol, but refers to the combination of a normal HTTP interaction over an encrypted Secure Sockets Layer (SSL) or Transport Lay-er Security (TLS) connection. It provides a layer of encryption of the data being transmit-ted.
Categories Data Transfer Transport Level Security File Transfer
Classification Adopted
Usage Guidance HTTPS should be used instead of a simple HTTP connection when sensitive data is being transferred.
References Title URL
HTTP Specification http://www.ietf.org/rfc/rfc2616
SSL Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS Specification http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Https
Related TTGOV Documents
Rationale for Selection Although not a protocol itself, people often refer to HTTPS. It is in very common use.
Applicability G2C G2B G2G
Last Changed 1 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 138
5.21 SFTP
Description the SSH File Transfer Protocol (SFTP) is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. Compared to the SCP protocol, which allows only file transfers, the SFTP protocol allows for a range of operations on re-mote files. An SFTP client's extra capabilities compared to an SCP client include resuming interrupted transfers, directory listings, and remote file removal. Although widely imple-mented, the specification is still in draft form.
Categories File Transfer
Transport Level Security
Classification Under Observation
Usage Guidance Either FTPS or SFTP should be considered where encryption is required for an FTP con-nection.
References Title URL
Specification http://tools.ietf.org/html/draft-ietf-secsh-filexfer-10
Wikipedia http://en.wikipedia.org/wiki/SSH_file_transfer_protocol
Related TTGOV Documents
Rationale for Selection SFTP is a widely used, mature, protocol.
Applicability G2C G2B G2G
Last Changed 24 November 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 139
5.22 SSL v3
Description The SSL protocol allows applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. SSL provides endpoint au-thentication of the server and communications privacy over the Internet using cryptog-raphy. SSL has largely been superseded by TLS, which has a fallback mode to support existing SSL systems.
Categories Transport Level Security
Classification Deprecated
Usage Guidance SSL should only be used as a fallback when TLS is not supported.
References Title URL
Specification http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
Wikipedia http://en.wikipedia.org/wiki/Secure_Sockets_Layer
Related TTGOV Documents
Rationale for Selection SSL is a widely used, mature standard.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 140
5.23 TLS v1.0
Description The TLS protocol allows applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. TLS provides endpoint au-thentication of the server and communications privacy over the Internet using cryptog-raphy. TLS is very similar to SSL v3, which it supersedes, but is backwards compatible only when operating in its SSL fallback mode.
Categories Transport Level Security
Classification Adopted
Usage Guidance TLS should be used where it is necessary for a client to be able to authenticate a server on the Internet and to provide point to point encryption of a message.
References Title URL
RFC 2246 http://www.ietf.org/rfc/rfc2246.txt
Wikipedia http://en.wikipedia.org/wiki/Secure_Sockets_Layer
Related TTGOV Documents
Rationale for Selection TLS is a widely used, mature standard.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 141
Wireless LAN Security
5.24 WEP
Description Wired Equivalent Privacy (WEP) is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more suscepti-ble to eavesdropping than wired networks. When introduced in 1999, WEP was intended to provide confidentiality comparable to that of a traditional wired network. Beginning in 2001, several serious weaknesses were identi-fied by cryptanalysts with the result that today a WEP connection can be cracked with readily available software within minutes.
Categories Wireless LAN Security
Classification Withdrawn or Rejected
Usage Guidance This protocol should no longer be used for the reasons stated above. Use WPA instead.
References Title URL
IEEE 802.11-1999: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifi-cations
http://standards.ieee.org/getieee802/802.11.html
Wikipedia http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 5 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 142
5.25 WPA
Description Wi-Fi Protected Access (WPA) provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. WPA is based on a sub-set of the IEEE 802.11i draft amendment to the 802.11 standard. WPA is a powerful, standards-based, interoperable security technology for Wi-Fi networks. It provides strong data protection by using encryption as well as strong access controls and user authentication. WPA can be enabled in two versions - WPA-Personal and WPA-Enterprise. WPA-Personal protects unauthorized network access by utilizing a set-up password. WPA-Enterprise verifies network users through a server. WPA utilizes 128-bit encryption keys and dynamic session keys to ensure your wireless network's privacy and enterprise security. WPA2 implements all the mandatory elements of 802.11i. In particular, it introduces a new AES-based algorithm, CCMP, that is considered fully secure. From March 13, 2006, WPA2 certification is mandatory for all new devices wishing to be certified by the Wi-Fi Alliance as "Wi-Fi CERTIFIED."
Categories Wireless LAN Security
Classification Adopted
Usage Guidance Use WPA in preference to WEP. All new wireless equipment should be certified to WPA2. Existing networks may continue to support only WPA.
References Title URL
Wi-fi Alliance http://www.wi-fi.org/knowledge_center/wpa/
IEEE Std 802.11i-2004 http://ieeexplore.ieee.org/Xplore/login.jsp?url=/iel5/9214/29229/01318903.pdf
Wikipedia http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
Related TTGOV Documents
Rationale for Selection WPA provides strong security and is supported by all modern wi-fi products.
Applicability G2C G2B G2G
Last Changed 05 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 143
Encryption Algorithms
5.26 3DES
Description Triple DES is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times as a way to overcome the increase the relatively small (56 bit) key space of DES. As asymmetric algorithm, both parties to the encryption process must be in possession of the same secret key.
Categories Encryption Algorithms
Classification Deprecated
Usage Guidance Triple DES can be used when a symmetric encryption algorithm is required and AES is not supported.
References Title URL
Federal Information Processing Standard
http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
Processing Standard ANSI Specification
http://webstore.ansi.org/RecordDetail.aspx?sku=ANSI+X9.52%3A1998
Wikipedia http://en.wikipedia.org/wiki/3des
Related TTGOV Documents
Rationale for Selection 3DES is a mature and widely implemented algorithm for symmetric encryption
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 144
5.27 AES
Description The Advanced Encryption Standard (AES) is a block cipher adopted as an encryption standard by the U.S. government. It has been analysed extensively and is now used worldwide as a replacement for DES and 3DES.
Categories Encryption Algorithms
Classification Adopted
Usage Guidance AES is the preferred standard for a symmetric encryption algorithm.
References Title URL
Federal Information Pro-cessing Standard
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Wikipedia http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Related TTGOV Documents
Rationale for Selection AES is a more secure replacement for DES and 3DES.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 145
5.28 RSA v2.1
Description RSA (named after Ron Rivest, Adi Shamir, and Leonard Adleman, who first described it in a paper while working for MIT) is an algorithm for public-key cryptography. It is suitable for signing as well as encryption. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementa-tions.
Categories Encryption Algorithms
Classification Under Observation
Usage Guidance RSA may be used within a public key infrastructure. Keys should be at least 2048 bits long.
References Title URL
Specification http://www.rsa.com/rsalabs/node.asp?id=2125
Wikipedia http://en.wikipedia.org/wiki/Rsa
Related TTGOV Documents
Rationale for Selection RSA is widely used as a digital signature algorithm within a public key infrastructure. It is a mature standard well supported by software.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 146
Smart Card
5.29 ISO/IEC 14443
Description ISO/IEC 14443 defines a proximity (contactless) card used for identification that usually uses the standard credit card form factor defined by ISO/IEC 7810 ID-1. Other form factors also are possible. Biometric passports must comply with ISO/IEC 14443. The reference below is for part 1 of the standard.
Categories Smart Card
Classification Under Observation
Usage Guidance IISO/IEC 14443 should be used for contactless smart cards, especially for those holding biometric data. Profiles and related standards relating to a specific application of proximity cards should be followed.
References Title URL
Specification - Physical Characteristics
http://wg8.de/17n1363.zip
Wikipedia http://en.wikipedia.org/wiki/ISO_14443
Related TTGOV Documents
Rationale for Selection ISO/IEC 14443 is a widely used standard for Radio Frequency Identification (RFID) sys-tems, and is used internationally for holding biometric information on passports.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 147
5.30 ISO/IEC 7816
Description ISO/IEC 7816 is an international standard related to electronic identification cards, espe-cially smart cards, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard is in 14 parts, covering everything from physical characteristics to cryptography. The reference below is for part 1 of the standard.
Categories Smart Card
Classification Under Observation
Usage Guidance ISO/IEC 7816 should be considered as part of any smart card programme.
References Title URL
Specification - Physical Characteristics
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=29257
Wikipedia http://en.wikipedia.org/wiki/ISO_7816
Related TTGOV Documents
Rationale for Selection ISO/IEC 7816 is the international standard for smart cards. Using this standard increases the chances of international interoperability.
Applicability G2C G2B G2G
Last Changed 20 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 148
Email Security
5.31 PGP
Description Pretty Good Privacy (PGP) is a computer program that provides cryptographic privacy and authentication. PGP is often used for signing, encrypting and decrypting e-mails to in-crease the security of e-mail communications. PGP and other similar products follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data.
Categories Email Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://tools.ietf.org/html/rfc4880.txt
Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Related TTGOV Documents
Rationale for Selection OpenPGP is a mature standard, the inclusion of which was requested by the Ministry of Health.
Applicability G2C G2B G2G
Last Changed 18 November 2008
Next Review Date June 2013
6 Web Services
A Web Service is defined by the W3C as "a software system designed to support interoperable machine-to-machine interaction over a network".
The W3C Web service definition encompasses many different systems, but in common usage the term refers to clients and servers that communicate using XML messages that follow the SOAP standard. In such sys-tems, there is often machine-readable description of the operations offered by the service written in the Web Services Description Language (WSDL) and sometimes a service registry defined by the Universal Descrip-tion, Discovery and Integration (UDDI) standard.
It should be noted that these SOAP-based web services are not the only way to invoke procedures on a remote server. Often, services can be invoked in a stateless manner using an HTTP "GET" request, or a se-ries of such requests. Such HTTP requests can result in the running of a procedure on a server, with the re-sult being returned in any desired format (XML, HTML or some other format). Such services are often re-ferred as "RESTful" services, where REST stands for "representational state transfer". RESTful services are simpler to implement than SOAP-based services. Security can be added using many of the security stand-ards in this catalogue. SOAP-based services have the benefit of a more defined security architecture, in-creasing the chances that different services will be using the same set of standards.
e-Government Omnibus Technical Standards
Confidential Page 149
Standards in this Section
Web Services
6.1 ASAP v1.0
Description The Asynchronous Service Access Protocol (ASAP) proposed standard aims to create a very simple extension of SOAP to allow for asynchronous or long-running Web services. It has been a Committee Draft at OASIS since May 2005 and is not being actively worked on.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://www.oasis-open.org/committees/download.php/14210/wd-asap-spec-02e.doc
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 150
6.2 ebXML Registry 3.0
Description Electronic Business XML (ebXML) is an OASIS initiative that aims to enable organisations of all sizes to conduct electronic business over the Internet. It is designed to replace EDI systems that can be expensive to implement and incompatible with one another. As part of this, ebXML defines a registry for storing business information in terms of a set of ebXML Registry Services (ebXML RS v3.0) and a the ebXML Registry Information Model (ebXML RIM v3.0). These standards are highlighted here as the registry can be used outside the scope of ebXML to provide a more general registry service.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Registry 3.0 Specifications http://www.oasis-open.org/committees/document.php?document_id=12049
Wikipedia http://en.wikipedia.org/wiki/Ebxml
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 24 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 151
6.3 MTOM
Description The SOAP Message Transmission Optimization Mechanism (MTOM) enables SOAP bind-ings to optimize the transmission or wire format, or both, of a SOAP message by selective-ly encoding portions of the message, while still presenting an XML Infoset to the SOAP application. Optimization is available only for binary content.
Categories Web Services
Classification Under Observation
Usage Guidance Streaming video for the web should be encoded using MPEG-4 part 2, using XVid or DivX encoding. Consideration should be given to part 10, which is rapidly gaining support. MPEG-4 should also be used where DRM support is required.
References Title URL
Specification http://www.w3.org/TR/soap12-mtom/
Wikipedia http://en.wikipedia.org/wiki/MTOM
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 152
6.4 SOAP 1.2
Description SOAP is a protocol for exchanging XML-based messages over computer networks. SOAP forms the foundation layer of the web services protocol stack providing a basic messaging framework upon which abstract layers can be built. SOAP messages can be exchanged using a variety of protocols, including application layer protocols, such as HTTP and SMTP. SOAP does not define data semantics, message routing or reliable data transfer, but just the protocol for the exchange of messages
Categories Web Services
Classification Adopted
Usage Guidance SOAP is part of the web services stack, and is mandated for use in that context. Where the sophistication (and complexity) of a web service is not required, a simple HTTP GET can be used as an alternative request/response mechanism. Consider this if your application does not require WSDL or UDDI.
References Title URL
SOAP v1.2 Part 0: Primer http://www.w3.org/TR/soap12-part0/
SOAP v1.2 Part 1: Messaging Framework
http://www.w3.org/TR/soap12-part1/
SOAP v1.2 Part 2: Adjuncts http://www.w3.org/TR/soap12-part2/
Wikipedia http://en.wikipedia.org/wiki/SOAP
Related TTGOV Documents
Rationale for Selection SOAP is widely used as a protocol for web services. Version 1.2 is the current version and is well supported by software.
Applicability G2C G2B G2G
Last Changed 27 September 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 153
6.5 SOAP with Attachments
Description A SOAP message may need to be transmitted together with attachments of various sorts, ranging from facsimile images of legal documents to engineering drawings. These are re-ferred to as an SwA (SOAP message with Attachment). Such data are often in some binary format. For example, most images on the Internet are transmitted using either GIF or JPEG data formats. SwA is not a standard, but a W3C Note describing a standard way to associ-ate a SOAP message with one or more attachments in their native format in a multipart MIME structure for transport. The specification combines specific usage of the Multi-part/Related MIME media type (RFC 2387) and the URI schemes.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
W3C Note http://www.w3.org/TR/SOAP-attachments
Wikipedia http://en.wikipedia.org/wiki/SOAP_with_Attachments
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 154
6.6 SPML
Description Service Provisioning Markup Language (SPML) is an OASIS standard intended to define and standardize an XML-based framework for exchanging user, resource, and service pro-visioning information.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specifications http://www.oasis-open.org/committees/download.php/17708/pstc-spml-2.0-os.zip
Wikipedia http://en.wikipedia.org/wiki/Spml
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 155
6.7 UDDI v3.0
Description Universal Description, Discovery and Integration (UDDI) is a platform-independent, XML-based registry for businesses worldwide to list themselves on the Internet. UDDI is an open industry initiative, sponsored by OASIS, enabling businesses to publish service listings and discover each other and define how the services or software applications interact over the Internet. A UDDI business registration consists of three components: White Pages (ad-dress, contact, and known identifiers), Yellow Pages (industrial categorisations based on standard taxonomies), and Green Pages (technical information about services exposed by the business). UDDI is designed to be interrogated by SOAP messages and to provide access to Web Services Description Language documents describing the protocol bindings and message formats required to interact with the web services listed in its directory.
Categories Web Services
Classification Under Observation
Usage Guidance UDDI should be considered where a registry of web services is required.
References Title URL
Specifications http://www.oasis-open.org/committees/uddi-spec/doc/tcspecs.htm#uddiv3
Wikipedia http://en.wikipedia.org/wiki/UDDI
Related TTGOV Documents
Rationale for Selection UDDI is the standard most commonly used for a registry of web services.
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 156
6.8 WS-Addressing
Description WS-Addressing defines how message headers direct messages to a service or agent, pro-vides an XML format for exchanging endpoint references, and defines mechanisms to di-rect replies or faults to a specific location. The specification has been published by the W3C in a series of three Recommendations.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Web Services Addressing 1.0 - Core
http://www.w3.org/TR/ws-addr-core/
Web Services Addressing 1.0 - Metadata
http://www.w3.org/TR/ws-addr-metadata/
Web Services Addressing 1.0 - SOAP Binding
http://www.w3.org/TR/ws-addr-soap/
Wikipedia http://en.wikipedia.org/wiki/WS-Addressing
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 157
6.9 WS-AtomicTransaction v1.1
Description WS-AtomicTransaction is an OASIS specification that is part of WS-Transaction. the other parts are WS-Coordination and WS-BusinessActivity. WS-AtomicTransaction specifies concrete protocols for distributed atomic transactions using the well-known two-phase commit abstract protocol. Developers can use either or both WS-AtomicTransaction and WS-BusinessActivity when building applications that require consistent agreement on the outcome of distributed activities.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-errata-os.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Atomic_Transaction
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 158
6.10 WS-BPEL v2.0
Description Business Process Execution Language for Web Services (WS-BPEL) is an OASIS specifi-cation for a language for specifying business process behaviour using Web services. BPEL4WS enables users to describe business process activities as Web services and de-fine how they can be connected to accomplish specific tasks.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.pdf
Wikipedia http://en.wikipedia.org/wiki/BPEL4WS
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 159
6.11 WS-BusinessActivity
Description WS-BusinessActivity is an OASIS specification that is part of WS-Transaction. the other parts are WS-Coordination and WS-AtomicTransaction. WS-BusinessActivity provides a protocol for long running activities using a compensation protocol. Developers can use ei-ther or both WSAtomicTransaction and WS-BusinessActivity when building applications that require consistent agreement on the outcome of distributed activities.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-errata-os.pdf
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 160
6.12 WS-CAF
Description Web Services Composite Application Framework (WS-CAF) defines an open framework for supporting coordinated and transactional compositions of multiple Web services appli-cations. WSCAF is distinct from WS-BPEL in that it takes an autonomous choreography approach compared to WS-BPEL's directed orchestration. WS-BPEL technology is de-signed for scenarios where there is a central point or organization in control of the business process. OASIS published a committee draft in 2005 and is no longer working on this standard, so it is unlikely ever to become widely adopted.
Categories Web Services
Classification Withdrawn or Rejected
Usage Guidance
References Title URL
Specification http://www.oasis-open.org/committees/download.php/15042/WS-CF.zip
Wikipedia http://en.wikipedia.org/wiki/WS-CAF
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 161
6.13 WS-CDL
Description Web Services Choreography Description Language (WS-CDL) is an XML-based language that describes peer-to-peer collaborations of parties by defining, from a global viewpoint, their common and complementary observable behaviour, where ordered message ex-changes result in accomplishing a common business goal. WS-CDL is currently a W3C Candidate Recommendation.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://www.w3.org/TR/ws-cdl-10/
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 162
6.14 WS-Coordination v1.1
Description WS-Coordination is an OASIS specification that is part of WS-Transaction. the other parts are WSAtomicTransaction and WS-BusinessActivity. WS-Transaction describes an exten-sible framework for providing protocols that coordinate the actions of distributed applica-tions. Such coordination protocols are used to support a number of applications, including those that have to reach consistent agreement on the outcome of distributed activities.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-tx/wstx-wscoor-1.1-spec-errata-os.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Coordination
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 163
6.15 WS-Discovery
Description The Web Services Dynamic Discovery defines a multicast discovery protocol to locate Web services. By default, probes are sent to a multicast group, and target services that match return a response directly to the requester. To scale to a large number of endpoints, the protocol defines the multicast suppression behaviour if a discovery proxy is available in the network. To minimize the need for polling, target services that want to be discovered send an announcement when they join and leave the network.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://specs.xmlsoap.org/ws/2005/04/discovery/ws-discovery.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Discovery
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 164
6.16 WS-Enumeration
Description The WS-Enumeration specification defines a framework to access information using a cur-sor rather than retrieving all information with one Web service invocation. The means to implement the cursor is an enumeration context that can be used by clients to request the information.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
W3C Submission http://www.w3.org/Submission/WS-Enumeration/
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 165
6.17 WS-Eventing
Description The WS-Eventing specification defines a baseline set of operations that allow Web ser-vices to provide asynchronous notifications to interested parties. WS-Eventing defines the simplest level of Web services interfaces for notification producers and notification con-sumers, including standard message exchanges to be implemented by service providers that want to act in these roles, along with operational requirements expected of them.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://download.boulder.ibm.com/ibmdl/pub/software/dw/specs/ws-eventing/WS-Eventing.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Eventing
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 166
6.18 WS-Federation v1.2
Description The Web Services Federation specification is another component of the Web Services Se-curity model that defines mechanisms to allow different security realms to federate by al-lowing and brokering trust of identities, attributes, authentication between participating Web services. The mechanisms defined in this specification can be used by passive and active requestors. The Web service requestors are assumed to understand the new security mechanisms and be capable of interacting with Web service providers.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/wsfed/federation/v1.2/ws-federation.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Federation
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 167
6.19 WS-Inspection
Description The Web Services Inspection Language (WSIL or WS-Inspection) specification was devel-oped by IBM and Microsoft and provides an XML format for assisting in the inspection of a site for available services and a set of rules for how inspection related information should be made available for consumption. A WS-Inspection document provides a means for ag-gregating references to pre-existing service description documents which have been au-thored in any number of formats. These inspection documents are then made available at the point of offering for the service as well as through references which may be placed within a content medium such as HTML.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://download.boulder.ibm.com/ibmdl/pub/software/dw/specs/ws-wsilspec/ws-wsilspec.pdf
Wikipedia http://en.wikipedia.org/wiki/Web_Services_Inspection_Language
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 168
6.20 WS-Manageability
Description WS-Manageability defines the manageability model for a Web service and how to access that model using Web services. The specification defines Web services manageability as a set of capabilities for discovering the existence, availability, health, performance, and us-age, as well as the control and configuration of a Web service within the Web services ar-chitecture.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://download.boulder.ibm.com/ibmdl/pub/software/dw/specs/ws-manage/ws-manage.pdf
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 169
6.21 WS-MessageDelivery
Description This specification defines an abstract set of message delivery properties that enable mes-sage delivery for Web services that use message exchange patterns associated with WSDL documents. It allows for a definition of complex message exchange patterns and shows how it can be used to implement a callback pattern.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
W3C Submission http://www.w3.org/Submission/2004/02/
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 170
6.22 WS-MetadataExchange
Description Web services use metadata to describe what other endpoints have to know to interact with them. Specifically, WS-Policy describes the capabilities, requirements, and general charac-teristics of Web services; WSDL describes abstract message operations, concrete network protocols, and endpoint addresses used by Web services; XML Schema describes the structure and contents of XML-based messages received and sent by Web services. To bootstrap communication with a Web service, the WSMetadataExchange specification de-fines three request-response message pairs to retrieve these three types of metadata.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://xml.coverpages.org/WS-MetadataExchange.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-MetadataExchange
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 171
6.23 WS-Notification v1.3
Description WS-Notification defines a standardized way in which Web services interact using the notifi-cation (or publish/subscribe) pattern. In the notification pattern, a Web service, or other entity, disseminates information to a set of other Web services, without having to have prior knowledge of these other Web services.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Web Services Base Notifica-tion 1.3
http://docs.oasis-open.org/wsn/wsn-ws_base_notification-1.3-spec-os.pdf
Web Services Brokered Notifi-cation 1.3
http://docs.oasis-open.org/wsn/wsn-ws_brokered_notification-1.3-spec-os.pdf
Web Services Topics 1.3 http://docs.oasis-open.org/wsn/wsn-ws_topics-1.3-spec-os.pdf
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 172
6.24 WS-Policy v1.5
Description WS-Policy is a W3C Recommendation that provides a general purpose model and syntax to describe and communicate the policies of a Web service. WS-Policy defines a policy to be a collection of one or more policy assertions. Some assertions specify traditional re-quirements and capabilities that will ultimately manifest on the wire (e.g. authentication scheme, and transport protocol selection). Some assertions specify requirements and ca-pabilities that have no wire manifestation yet are critical to proper service selection and usage (e.g. privacy policy, Quality of Service characteristics). WS-Policy provides a single policy grammar to allow both kinds of assertions to be reasoned about in a consistent manner.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
WS-Policy Framework Specifi-cation
http://www.w3.org/TR/ws-policy/
WS-Policy Attachment Specifi-cation
http://www.w3.org/TR/ws-policy-attach/
Primer http://www.w3.org/TR/ws-policy-primer/
Wikipedia http://en.wikipedia.org/wiki/Ws-policy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 173
6.25 WS-Reliability v1.1
Description WS-Reliability is an OASIS specification for open, reliable Web services messaging includ-ing guaranteed delivery, duplicate message elimination and message ordering, enabling reliable communication between Web services. The reliability features are based on exten-sions to the Simple Object Access Protocol (SOAP), rather than being tied to the underly-ing transport protocol. The specification will allow a variety of systems to interoperate relia-bly in a platform- and vendor-neutral manner.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/wsrm/ws-reliability/v1.1/wsrm-ws_reliability-1.1-spec-os.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-Reliability
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 174
6.26 WS-ReliableMessaging
Description WS-ReliableMessaging is an OASIS standard. It describes a protocol that allows messag-es to be delivered reliably between distributed applications in the presence of software component, system, or network failures.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-ReliableMessaging
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 175
6.27 WS-SecureConversation v1.4
Description Web Services Secure Conversation is an OASIS specification for a language built on top of the WSS and WSPolicy and WS-Trust to allow sharing security contexts. WSS focuses on the message authentication model but not a security context, and thus is subject several forms of security attacks. This specification defines mechanisms for establishing and shar-ing security contexts, and deriving keys from security contexts, to enable a secure conver-sation.
Categories SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-secureconversation/v1.4/ws-secureconversation.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecureConversation
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 02 February 2009
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 176
6.28 WS-Security v1.1
Description WS-Security is an OASIS standard communications protocol providing a means for apply-ing end-to- end security to Web services. The protocol contains specifications on how in-tegrity and confidentiality can be enforced on Web services messaging. The WSS protocol includes details on the use of SAML and Kerberos, and certificate formats such as X.509.
Categories SOA Security
Classification Under Observation
Usage Guidance WS-Security should be used to provide end-to-end security of web services where this is required.
References Title URL
OASIS Specification http://www.oasis-open.org/specs/#wssv1.1
Wikipedia http://en.wikipedia.org/wiki/WS-Security
Related TTGOV Documents
Rationale for Selection WS-Security is an OASIS standard and is universally used to provide end-to-end security of SOAP based web services.
Applicability G2C G2B G2G
Last Changed 17 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 177
6.29 WS-SecurityPolicy v1.2
Description The Web Services Security Policy language defines a model and syntax to describe and communicate security policy assertions within the larger policy framework. It covers asser-tions for security tokens, data integrity, confidentiality, visibility, security headers, and the age of a message.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecurityPolicy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 178
6.30 WS-Transfer
Description The WS-Transfer specification defines a protocol to access XML-based entities using Web services technologies. It also defines means to create and delete entities through factories.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
W3C Submission http://www.w3.org/Submission/WS-Transfer/
Wikipedia http://en.wikipedia.org/wiki/WS-Transfer
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 179
6.31 WS-Trust v1.4
Description The OASIS WS-Trust language uses the base mechanisms from WSS and defines addi-tional primitives and extensions for security token exchange to enable the issuance and dissemination of credentials within different trust domains. In order to secure a communication between two parties, the two parties must exchange security credentials (either directly or indirectly). However, each party needs to determine if they can "trust" the asserted credentials of the other party. This specification defines ex-tensions to WS-Security for issuing and exchanging security tokens and ways to establish and access the presence of trust relationships. Using these extensions, applications can engage in secure communication designed to work with the general Web Services frame-work, including WSDL service descriptions, UDDI businessServices and bindingTemplates, and SOAP messages.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/ws-trust.pdf
Wikipedia http://en.wikipedia.org/wiki/WS-SecurityPolicy
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 02 October 2009
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 180
6.32 WSDL v1.1
Description The Web Services Description Language (WSDL) is an XML-based language that provides a model for describing Web services. WSDL defines services as collections of network endpoints, or ports. A port is defined by associating a network address with a reusable binding, and a collection of ports define a service. Messages are abstract descriptions of the data being exchanged, and port types are abstract collections of supported operations. The concrete protocol and data format specifications for a particular port type constitutes a reusable binding, where the operations and messages are then bound to a concrete net-work protocol and message format. In this way, WSDL describes the public interface to the web service. Although WSDL is not confined to describing services that use the SOAP protocol, it is usually used in this was as part of a SOAP-based web service.
Categories Web Services
Classification Adopted
Usage Guidance WSDL should be used where it is necessary to describe a SOAP-based web service. Ver-sion 1.1 is still the wide most widely supported version, and so should be used in prefer-ence to version 2.0.
References Title URL
Specification http://www.w3.org/TR/wsdl
Wikipedia http://www.w3.org/TR/wsdl
Related TTGOV Documents
Rationale for Selection WSDL is widely used to describe a web service. Version 1.1 is well supported by software.
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 181
6.33 WSDL v2.0
Description The Web Services Description Language (WSDL) is an XML-based language that provides a model for describing Web services. WSDL defines services as collections of network endpoints, or ports. A port is defined by associating a network address with a reusable binding, and a collection of ports define a service. Messages are abstract descriptions of the data being exchanged, and port types are abstract collections of supported operations. The concrete protocol and data format specifications for a particular port type constitutes a reusable binding, where the operations and messages are then bound to a concrete net-work protocol and message format. In this way, WSDL describes the public interface to the web service. Although WSDL is not confined to describing services that use the SOAP protocol, it is usually used in this was as part of a SOAP-based web service.
Categories Web Services
Classification Under Observation
Usage Guidance WSDL should be used where it is necessary to describe a SOAP-based web service. Ver-sion 2.0 is still not widely supported by software.
References Title URL
Specification http://www.w3.org/TR/wsdl
Wikipedia http://www.w3.org/TR/wsdl
Related TTGOV Documents
Rationale for Selection WSDL is widely used to describe a web service.
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 182
6.34 WSDM
Description Web Services Distributed Management (WSDM) defines Web services management, in-cluding using Web services architecture and technology to manage distributed resources. The scope includes developing the model of a Web service as a manageable resource.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification Part 1 http://docs.oasis-open.org/wsdm/wsdm-muws1-1.1-spec-os-01.pdf
Specification Part 2 http://docs.oasis-open.org/wsdm/wsdm-muws2-1.1-spec-os-01.pdf
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 183
6.35 WSRP v2.0
Description The OASIS Web Services for Remote Portlets (WSRP) specification defines a web service interface for accessing and interacting with interactive presentation-oriented web services. Scenarios that motivate WSRP functionality include: content hosts, such as portal servers, providing portlets as presentation-oriented web services that can be used by aggregation engines, and content aggregators, such as portal servers, consuming presentation-oriented web services provided by portal or non-portal content providers and integrating them into a portal framework.
Categories Web Services
Classification Under Observation
Usage Guidance
References Title URL
Specification http://docs.oasis-open.org/wsrp/v2/wsrp-2.0-spec-os-01.html
Wikipedia http://en.wikipedia.org/wiki/Web_Services_for_Remote_Portlets
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 21 October 2008
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 184
6.36 WSS v1.1
Description The OASIS Web Services Security (WSS, formerly WS-Security) specification describes extensions to SOAP to apply security to web services. This includes, but is not limited to, message authentication, message integrity, and message confidentiality. The specified mechanisms can be used to accommodate a wide variety of security models and encryp-tion technologies. It also provides a general-purpose mechanism for associating security tokens with message content. The WSS protocol includes details on the use of SAML and Kerberos, and certificate formats such as X.509. It also describes how to attach signatures and encryption headers to SOAP messages.
Categories Web Services
SOA Security
Classification Under Observation
Usage Guidance
References Title URL
Link to Specifications http://www.oasis-open.org/specs/index.php#wss
Wikipedia http://en.wikipedia.org/wiki/WS-Security
Related TTGOV Documents
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 22 October 2008
Next Review Date June 2013
7 System Configuration
This category includes the basic standards for system configurations. Further standards should be added as they are required
Standards in this Section
Minimum System Specifications
e-Government Omnibus Technical Standards
Confidential Page 185
7.1 Desktop Computer (Standard)
Processor Core 2 Duo / Core i3
Operating System Minimum Windows XP with SP3
Recommended Windows 7
Memory 3GB DDR2 800MHz
Primary Storage 320GB SATA, 7200 RPM
Connectivity Wired Wireless
10/100/1000 Gigabit Ether-net network interface card
Optical Device Internal DVD+/-RW
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 186
7.2 Desktop Computer (Advanced)
Processor Core i5 / Core 2 Quad processor
Operating System Minimum Windows XP with SP3
Recommended Windows 7
Memory 8GB DDR2 800MHz
Primary Storage 320GB SATA, 7200RPM
Connectivity Wired Wireless
10/100/1000 Gigabit Ether-net network interface card
Optical Device Internal DVD+/-RW
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 187
7.3 Graphics Work Station
Processor Core i5 / i7 / Core 2 Quad processor
Operating System Minimum Windows XP with SP3
Recommended Windows 7
Memory 6GB Dual Channel DDR3
Primary Storage 1TB
Connectivity Wired Wireless
10/100/1000 Gigabit Ether-net network interface card
Optical Device Dual layer DVD+/-RW
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 188
7.4 Laptop (Standard)
Processor Core 2 Duo
Operating System Minimum Windows XP with SP3
Recommended Windows 7
Memory 2GB Dual Channel DDR3
Primary Storage 160GB SATA, 7200 RPM
Connectivity Wired Wireless Bluetooth
10/100/1000 Gigabit Ether-net network interface card
802.11b/g/n network card Can be the default that is supplied with the system
Optical Device DVD+/-RW (either internal or external)
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013
e-Government Omnibus Technical Standards
Confidential Page 189
7.5 Laptop (Advanced)
Processor Intel Core 2 Duo
Operating System Minimum Windows XP with SP3
Recommended Windows 7
Memory 4GB Dual Channel DDR3
Primary Storage 320GB
Connectivity Wired Wireless Bluetooth
10/100/1000 Gigabit Ether-net network interface card
802.11b/g/n Can be the default that is supplied with the system
Optical Device DVD+/-RW (either internal or external)
Rationale for Selection
Applicability G2C G2B G2G
Last Changed 25 January 2011
Next Review Date June 2013