May 03, 2017 06:00 ET releases the Software Identification [SWID] Tag Signing Guidelines for Public Review

PISCATAWAY, NJ--(Marketwired - May 3, 2017) - is announcing the release of its SWID Tag Signing Guidelines for public review and comment. This document defines the requirements and guidelines for signing SWID tags in support of the ISO/IEC industry standard. The standard states that when digitally signing SWID tags, implementers will follow at minimum the [XMLDSIG] recommendations, use an enveloped signature, add a timestamp per [W3C-XAdES], and include the public signature for the signing entity. Comments will be gathered, reviewed and considered for the final publication of approved guidelines.

As Microsoft's Michael Godsey, board chair of, stated, "The guidelines, drafted with the needs of implementers in mind, provide value for all members of the software eco-system (publishers, tool vendors, service providers, and end users)."

The public review for the SWID Tag Signing Guidelines opens on 26 April 2017. Download the SWID Tag Guidelines and provide your comments by 25 June 2017 through the instructions found at is the neutral not-for-profit validation authority for software tagging, primarily focused on software identification tags (as specified by ISO/IEC 19770-2) and software entitlement schema (as specified by ISO/IEC 19770-3). provides a shared library of software tools, technical knowledge and communications forums that decrease the costs of creating, managing and using software identification tags.

About, a Federation Member Program of IEEE-ISTO, publishes its Bylaws for public access. The Board of Directors includes Microsoft, IBM, Symantec and the U.S. Department of Homeland Security. Organizations interested in joining can download the membership packet from