An important consideration in the creation, deployment, and use of Web services is the message itself. Since Web services rely on the transmission and receipt of SOAP messages, the ability to verify the integrity and authenticity of these messages should have a rather high priority associated with it. Further, since Web services are often used to present commercial transaction interfaces to potential customers, message non-repudiation plays a key role in these scenarios. The XML Signature specification, a W3C/IETF effort, addresses these problems by providing a digital signature framework for XML documents based on standard public key cryptography notions, as discussed in an earlier article. more HERE