Integrity for CityGML

[securedimensions]

Please consider supporting integrity (and authenticity) as defined in XML Signature Syntax and Processing Version 1.1

[TatjanaKutzner]

We discussed the issue in the web meeting on 2 June 2021 and think that in general it is a good idea to add integrity to CityGML using XML Signature. The required <Signature> element could be added to CityGML instance documents as last element without problems.

However, the following questions arose: Should only the whole document be signed or also individual parts of the document? What about different issuers with different signatures in the same instance document? Should also encryption be supported? What about textures or exernal references (e.g. LAS files), should they also be signed? Do we aim at a solution for CityGML only or for other encoding standards within the OGC as well?

The result of the discussion was, that the use cases need to be clear, before a decision can be made. Thus, the task is now for everybody to collect relevant use cases. Also, the topic should be discussed within the whole CityGML SWG.

Also, it could be useful to have a look at the NATO Standardization Agreements 4774 CONFIDENTIALITY METADATA LABEL SYNTAX (https://nso.nato.int/nso/zPublic/ap/PROM/ADatP-4774%20EDA%20V1%20E.pdf) and 4778 METADATA BINDING MECHANISM (https://nso.nato.int/nso/zPublic/ap/PROM/ADatP-4778%20EDA%20V1%20E.pdf).