[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Processing for RFC 3161 Tiemstamps on XML Signatures - resent
Inma, Thanks again for your comment. It is our belief that the full XAdES profile does not need to be adapted to implement the <xades:SignatureTimeStamp>. Rather than define our own schema elements the policy is adopt existing definitions wherever possible. In the case of CMS the situation is different in that we are adopting an existing usage for encoding signature timestamps that is defined in an annex to RFC 3161. Regards Nick Pope Co-chair - DSS TC Subject: Processing for RFC 3161 Tiemstamps on XML Signatures From: Inma Marín López <inma@dif.um.es> To: <dss-comment@lists.oasis-open.org> Date: Fri, 1 Dec 2006 15:34:02 +0100 ---------------------------------------------------------------------------- ---- Hello, Regarding the processing for RFC3161 Timestamp on XML Signatures (section 3.5.2.3 in Draft v5 - OASIS DSS Core Specification), it is said that "If the type attribute in this optional input is urn:ietf:rfc:3161 and [...] the XML Signature MUST contain an RFC3161, placed in a <xades:EncapsulatedTimeStamp> within a <xades:SignatureTimeStamp>". Does it mean that the XAdES profile have to be supported by the service? However, XAdES is an extension to XMLDSig that do not have to be supported by every client. On the other hand, have you considered following the same approach as CMS Signatures? I mean maybe the RFC3161 Timestamp could be added to the signature as an unsigned property in (or similar to) the following way: <ds:Signature Id="signature1"> .... <ds:Object> <ds:SignatureProperties> <ds:SignatureProperty Target="#signature1"> <dss:Timestamp xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema"> <dss:RFC3161TimeStampToken>MIICFwY...N3tI=</dss:RFC3161TimeStampToken> </odss:Timestamp> </ds:SignatureProperty> </ds:SignatureProperties> </ds:Object> </ds:Signature> I do not know if this is possible, but I thought it is an alternative to XAdES approach. Could you be so kind as to tell me your expert opinion, please? Thank you very much in advance. Inma. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. If you have received this email in error, please delete it from your system and notify the System Administrator at Thales e-Security +44 (0)1844 201800 or mail postmaster@thales-esecurity.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]