dave1010
diff --git a/‎CHANGELOG.md
+23 b/‎CHANGELOG.md
+23
diff --git a/‎CODE_OF_CONDUCT.md
+70 b/‎CODE_OF_CONDUCT.md
+70
diff --git a/‎CONTRIBUTING.md
+110 b/‎CONTRIBUTING.md
+110
diff --git a/‎FAQs.md
+46 b/‎FAQs.md
+46
@@ -0,0 +1,23 @@
+# Changelog
+
+All notable changes to the XDIC (XML Data Integrity Checksum) project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/), and this project adheres to [Semantic Versioning](https://semver.org/).
+
+## [1.0] - 2023-11-16
+
+### Added
+
+- Initial release of the XML Data Integrity Checksum (XDIC) specification.
+- Specification includes:
+  - Definition and structure of the XDIC Processing Instruction (PI).
+  - Detailed process for checksum generation and verification.
+  - Guidelines for versioning and handling of different specification versions.
+  - Considerations for compatibility and interoperability across various XML parsers and systems.
+  - Security considerations discussing the scope and limitations of XDIC.
+- FAQs document providing answers to common questions about XDIC.
+- Reference implementation of the XDIC specification (link to implementation).
+- `README.md`, `CONTRIBUTING.md`, and `LICENSE` files for project documentation and contribution guidelines.
+
+### Notes
+
+- This is the first official release of XDIC, marking the launch of the project.
+- As this is the initial version, users and developers are encouraged to provide feedback and suggestions for future improvements.
@@ -0,0 +1,70 @@
+# Code of Conduct - XML Data Integrity Checksum (XDIC)
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to make participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+advances
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, or to ban
+temporarily or permanently any contributor for other behaviors that they deem
+inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at <>.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://contributor-covenant.org/), version
+[1.4](https://www.contributor-covenant.org/version/1/4/code-of-conduct/code_of_conduct.md) and
+[2.0](https://www.contributor-covenant.org/version/2/0/code_of_conduct/code_of_conduct.md),
+and was generated by [contributing-gen](https://github.com/bttger/contributing-gen).
@@ -0,0 +1,110 @@
+<!-- omit in toc -->
+# Contributing to XML Data Integrity Checksum (XDIC)
+
+First off, thanks for taking the time to contribute! ❤️
+
+All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us maintainers and smooth out the experience for all involved. The community looks forward to your contributions. 🎉
+
+> And if you like the project, but just don't have time to contribute, that's fine. There are other easy ways to support the project and show your appreciation, which we would also be very happy about:
+> - Star the project
+> - Tweet about it
+> - Refer this project in your project's readme
+> - Mention the project at local meetups and tell your friends/colleagues
+
+<!-- omit in toc -->
+## Table of Contents
+
+- [Code of Conduct](#code-of-conduct)
+- [I Have a Question](#i-have-a-question)
+- [I Want To Contribute](#i-want-to-contribute)
+  - [Reporting Bugs](#reporting-bugs)
+  - [Suggesting Enhancements](#suggesting-enhancements)
+
+
+## Code of Conduct
+
+This project and everyone participating in it is governed by the
+[XML Data Integrity Checksum (XDIC) Code of Conduct](https://github.com/dave1010/XML-Data-Integrity-Checksumblob/master/CODE_OF_CONDUCT.md).
+By participating, you are expected to uphold this code.
+
+
+## I Have a Question
+
+> If you want to ask a question, we assume that you have read the available [Documentation](https://github.com/dave1010/XML-Data-Integrity-Checksum/blob/main/README.md).
+
+Before you ask a question, it is best to search for existing [Issues](https://github.com/dave1010/XML-Data-Integrity-Checksum/issues) that might help you. In case you have found a suitable issue and still need clarification, you can write your question in this issue. It is also advisable to search the internet for answers first.
+
+If you then still feel the need to ask a question and need clarification, we recommend the following:
+
+- Open an [Issue](https://github.com/dave1010/XML-Data-Integrity-Checksum/issues/new).
+- Provide as much context as you can about what you're running into.
+- Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant.
+
+We will then take care of the issue as soon as possible.
+
+## I Want To Contribute
+
+> ### Legal Notice <!-- omit in toc -->
+> When contributing to this project, you must agree that you have authored 100% of the content, that you have the necessary rights to the content and that the content you contribute may be provided under the project license.
+
+### Reporting Bugs
+
+<!-- omit in toc -->
+#### Before Submitting a Bug Report
+
+A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to investigate carefully, collect information and describe the issue in detail in your report. Please complete the following steps in advance to help us fix any potential bug as fast as possible.
+
+- Make sure that you are using the latest version.
+- Determine if your bug is really a bug and not an error on your side e.g. using incompatible environment components/versions (Make sure that you have read the [documentation](https://github.com/dave1010/XML-Data-Integrity-Checksum/blob/main/README.md). If you are looking for support, you might want to check [this section](#i-have-a-question)).
+- To see if other users have experienced (and potentially already solved) the same issue you are having, check if there is not already a bug report existing for your bug or error in the [bug tracker](https://github.com/dave1010/XML-Data-Integrity-Checksumissues?q=label%3Abug).
+- Also make sure to search the internet (including Stack Overflow) to see if users outside of the GitHub community have discussed the issue.
+- Collect information about the bug:
+- Stack trace (Traceback)
+- OS, Platform and Version (Windows, Linux, macOS, x86, ARM)
+- Version of the interpreter, compiler, SDK, runtime environment, package manager, depending on what seems relevant.
+- Possibly your input and the output
+- Can you reliably reproduce the issue? And can you also reproduce it with older versions?
+
+<!-- omit in toc -->
+#### How Do I Submit a Good Bug Report?
+
+> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email.
+
+We use GitHub issues to track bugs and errors. If you run into an issue with the project:
+
+- Open an [Issue](https://github.com/dave1010/XML-Data-Integrity-Checksum/issues/new). (Since we can't be sure at this point whether it is a bug or not, we ask you not to talk about a bug yet and not to label the issue.)
+- Explain the behavior you would expect and the actual behavior.
+- Please provide as much context as possible and describe the *reproduction steps* that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case.
+- Provide the information you collected in the previous section.
+
+Once it's filed:
+
+- The project team will label the issue accordingly.
+- A team member will try to reproduce the issue with your provided steps. If there are no reproduction steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced.
+- If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#your-first-code-contribution).
+
+### Suggesting Enhancements
+
+This section guides you through submitting an enhancement suggestion for XML Data Integrity Checksum (XDIC), **including completely new features and minor improvements to existing functionality**. Following these guidelines will help maintainers and the community to understand your suggestion and find related suggestions.
+
+<!-- omit in toc -->
+#### Before Submitting an Enhancement
+
+- Make sure that you are using the latest version.
+- Read the [documentation](https://github.com/dave1010/XML-Data-Integrity-Checksum/blob/main/README.md) carefully and find out if the functionality is already covered, maybe by an individual configuration.
+- Perform a [search](https://github.com/dave1010/XML-Data-Integrity-Checksum/issues) to see if the enhancement has already been suggested. If it has, add a comment to the existing issue instead of opening a new one.
+- Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature. Keep in mind that we want features that will be useful to the majority of our users and not just a small subset. If you're just targeting a minority of users, consider writing an add-on/plugin library.
+
+<!-- omit in toc -->
+#### How Do I Submit a Good Enhancement Suggestion?
+
+Enhancement suggestions are tracked as [GitHub issues](https://github.com/dave1010/XML-Data-Integrity-Checksum/issues).
+
+- Use a **clear and descriptive title** for the issue to identify the suggestion.
+- Provide a **step-by-step description of the suggested enhancement** in as many details as possible.
+- **Describe the current behavior** and **explain which behavior you expected to see instead** and why. At this point you can also tell which alternatives do not work for you.
+- **Explain why this enhancement would be useful** to most XML Data Integrity Checksum (XDIC) users. You may also want to point out the other projects that solved it better and which could serve as inspiration.
+
+<!-- omit in toc -->
+## Attribution
+This guide is based on the **contributing-gen**. [Make your own](https://github.com/bttger/contributing-gen)!
@@ -0,0 +1,46 @@
+# XML Data Integrity Checksum (XDIC) Frequently Asked Questions
+
+### How do I check an XDIC hash?
+
+If you need to verify the integrity of an XML file with an embedded XDIC hash, there are several approaches you can take:
+
+1. **Use a Library or Tool**: The easiest and most reliable way to check an XDIC hash is by using a library or tool specifically designed for this purpose. These tools are built to handle the nuances of XDIC, including the correct extraction of the Processing Instruction (PI) and the computation of the checksum. Look for libraries or tools that are compatible with your programming environment and have support for XDIC.
+
+2. **Refer to the Reference Implementation**: If you are developing your own tool or if you want to understand the process in more detail, refer to the reference implementation provided with the XDIC project. This implementation serves as a practical example of how to correctly compute and verify XDIC hashes according to the specification.
+
+3. **Follow the XDIC Specification**: For a deep understanding of the process, you can consult the XDIC specification directly. The specification provides a step-by-step guide on how the checksum is generated and verified, including how to handle the XML content and the Processing Instruction.
+
+Remember, correctly checking an XDIC hash involves more than just computing a hash value; it also requires proper handling of the XML content and the XDIC Processing Instruction. Using established tools or the reference implementation ensures that these aspects are correctly addressed.
+
+## What is an XML Processing Instruction?
+
+An XML Processing Instruction (PI) is a special kind of node in an XML document that provides instructions to applications processing the XML data. PIs are not part of the document's character data but can affect how the document is handled. In XDIC, a PI is used to embed checksum information directly into the XML file.
+
+## Why is the XML not normalized?
+
+In XDIC, the XML is not normalized before checksum calculation to maintain the exact format and content of the original document. Normalization, like removing whitespace or standardizing line breaks, could alter the file in ways that are not part of its original content. By avoiding normalization, XDIC ensures that the checksum represents the file precisely as it is.
+
+## How is this similar to Subresource Integrity?
+
+[Subresource Integrity (SRI)](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) is a security feature that allows browsers to verify that resources fetched from a server (like scripts or stylesheets) are delivered without unexpected manipulation. XDIC is similar in that it also provides a way to ensure the integrity of data (XML files in this case) by using a checksum. Both SRI and XDIC use cryptographic hashes and embed these hashes in a way that they can be checked against the content they represent.
+
+## How is this different from XML Signatures?
+
+XML Signature and XDIC are both standards for ensuring the integrity of XML data, but they serve different purposes and have distinct implementations.
+
+**[XML Signature](https://www.w3.org/TR/xmldsig-core/)** is a comprehensive solution that provides data integrity, authentication, and non-repudiation. It involves complex cryptographic operations, including digital signatures using public and private keys. This makes it suitable for scenarios where verifying the authenticity of the document's source is as important as ensuring its integrity. However, this complexity requires careful key management and deeper understanding of cryptographic principles. Additionally, integrating XML Signature might necessitate adjustments to existing XML schemas and workflows, especially in systems that enforce strict schema validation.
+
+**XDIC**, on the other hand, focuses solely on data integrity. It embeds a checksum within the XML file using a Processing Instruction, providing a straightforward way to verify that the content has not been altered. This simplicity makes XDIC easier to implement and maintain, especially in environments where resources are limited or where a lightweight solution is preferred. Unlike XML Signature, XDIC does not require key management or schema modifications, making it more adaptable to a variety of systems. Furthermore, XDIC's inclusion of all file aspects, including whitespace, in the integrity check can be more comprehensive in certain use cases.
+
+## Why is the hash inside the file itself?
+
+Placing the hash inside the file as a Processing Instruction allows the integrity of the entire file to be checked in a self-contained manner. It ensures that the checksum is always associated with the file, reducing the risk of mismatch or loss that can occur when checksums are stored separately.
+
+## Why does the checksum include the Processing Instruction placeholder?
+
+The checksum includes the processing instruction placeholder to ensure that any changes to the file, including modifications to the PI itself, will invalidate the checksum. This approach provides a comprehensive integrity check of the entire file content, including the PI.
+
+## Why can the Processing Instruction be anywhere, like at the top or bottom?
+
+Allowing the PI to be placed anywhere in the file, though recommended at the top for visibility, provides flexibility in integrating XDIC with various XML structures and workflows. This flexibility ensures that XDIC can be adopted in a wide range of environments without requiring significant changes to existing XML documents.
+