[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss-x] Question regarding our good old DSS test vectors
El 25/02/13 16:51, Andreas Kuehne escribió:
Agreed. May I also suggest that the public document is actually a publicly accessible document?This 'detached and well known' mode makes it difficult to verify the signature. So I would propose to modify the SR-X-DET-* test cases to refer to a public document. Some test cases with an embedded document in different encoding styles would be dropped, but this part is still under test in the SR-X-ENV-* section.
For the same reason I would like suppress cryptographic verification of detached CMS signatures.
OK, agreed.
I would say that this makes that the initially envisaged set of test cases that deal with the <SignaturePlacement> breaks in two subsets:2. I guess this is the same problem as under 1. . Refer to an addressable document or drop verification of the test case ...
1. In the first one, the signatures are enveloped.2. In the second one, the signature is placed within the document passed to the server, BUT actually signs only a part of the document, so that the signature is not actually enveloped by the signed data, but it is a detached signature from the signed data object which occurs to be also part of the document where the signature is placed. In this case, the document, the signed data object, the RefUri and the rest of input parameters to the server should carefully be selected....
Regards Juan Carlos. Juan Carlos.
Greetings, Andreas --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]