This Technical Specification defines mechanisms for representing signed XML data and encrypted XML data.This Technical Specification does not specify when these mechanisms are used-that is the responsibility of the organizations that use this Technical Specification. Signing and encrypting are mechanisms for obtaining different security properties: authentication, integrity, confidentiality and non-repudiation. It is outside the scope of this Technical Specification to determine the levels of security an application requires and whether these mechanisms are suitable for that application. Security also depends on a number of external factors, such as key management and policies, which are also outside the scope of this Technical Specification.This Technical Specification contains conformance points that define the format of XML Secured Payloads. The format directly implies certain obligations for programs that create XML Secured Payloads or consume XML Secured Payloads, but explicitly defining those obligations is outside the scope of this Technical Specification.The profiles in this Technical Specification are designed for data represented as XML. If data is not in XML, it will need to be converted to an XML format before it can be used with these profiles.Intended audienceThis Technical Specification is intended for:(a) Specification authors who create service interface specifications or software specifications. They will use this Technical Specification by referencing these profiles in their specifications.(b) Software developers who create implementations of those specifications. They will use this Technical Specification by implementing the profiles in their software. The profiles chosen will depend on the specification being implemented. Note: developers will usually use existing toolkits or libraries for performing XML Encryption and XML Signature operations. They will not normally implement them from scratch.(c) Testers who check an implementation for conformance to specifications. They will use this Technical Specification to create a set of conformance points.The reader is expected to have detailed knowledge of XML, XML Encryption, XML Signature and Public Key Infrastructure (PKI).