OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: DSS and PAdES

Dear Thomas,
sorry for answering now and not earlier, but discussions profit from taking some time :-) 

The TC has discussed the matter and in the meantime has analyzed, that
either the DSS core specification must be ammended with an additional
section on PDF signatures (as well as the AdES profile) or a new PAdES
profile must be created.
I hope this helps. I have answered Martins' mail along the same lines just to make sure all dsicussion threads are in sync.
PS: I am sure, that becoming a part of our technical committee OASIS DSS-X would help boost the development of such a profile. In any case we are always very interested in new members from the industry having implemented our standards as working solutions. OASIS offers different levels of memebership reaching from individual to enterprise levels. Some company owners join under the individual membership umbrella which from my point of view has no real "Lightness" attached and is a small fee to be able to foster and shape specifications. 

All the best,
Stefan.
Am 01.11.13 20:45, schrieb Thomas Kopp:

Dear Juan-Carlos, Dear Stefan,

LuxTrust is an accredited European service provider issuing qualified certificates and providing security and advanced electronic signature services for the banking sector and governmental organizations in Luxembourg and beyond (cf. www.luxtrust.lu<http://www.luxtrust.lu>)

Currently, LuxTrust is working on a project to offer authentication and AdES services via a SAMLv2-based portal. For this purpose, signature service requests/responses are planned to be encoded as DSS requests wrapped into SAML envelopes.

The most important document format used in practice and requested to be supported for AdES by our customers is PDF. Unfortunately, the DSS standard does not provide specific support for PAdES.

Martin Bosslet, who is working as an external consultant for LuxTrust, made a proposal to OASIS for extending DSS to also support PAdES. Although, he received a positive feedback in the beginning, the corresponding activity seems to be abandoned by OASIS.

Can you please provide us some feedback concerning the status of Martin's proposal? We are currently in a decision process and would appreciate to have some indication, as to whether we need to implement a proprietary approach or whether we can consider a candidate spec of OASIS that has a realistic chance to be adopted as an upcoming standard.

Bescht Gréiss, meilleures salutations, mit freundlichen Grüßen, with best regards,

Thomas KOPP
Head of Information Technologies
P: +352 26 68 15-574 - M: +352 621 229 316 - F: +352 26 68 15-789 - E: thomas.kopp@luxtrust.lu<mailto:thomas.kopp@luxtrust.lu>

LuxTrust S.A. |  IVY Building | 13-15, Parc d'activités | L-8308 Capellen | www.luxtrust.lu<http://www.luxtrust.lu/>


The information in this e-mail and any attachment is confidential and for use by the addressee only. Access to this e-mail by anyone else is not authorized. If you are not the intended recipient, please inform the sender and erase all copies of it from your system. Internet communications are by default not secure. LuxTrust S.A. cannot guarantee the integrity and origin of e-mails unless they have been properly digitally signed. Confidentiality of e-mails can only be guaranteed if they are encrypted properly using a secure digital certificate.LuxTrust S.A. takes precautions to ensure that e-mails are scanned for viruses but cannot accept liability for any damage sustained as a result of software viruses.


From: Martin Boßlet <martin.bosslet@gmail.com<mailto:martin.bosslet@gmail.com>>
Date: 2013/8/3
Subject: DSS and PAdES
To: dss-dev@lists.oasis-open.org<mailto:dss-dev@lists.oasis-open.org>


Hi all,

I am interested in best practices/guidelines for supporting PDF and, more specifically, PAdES signatures using DSS. I found this message [1] in the archives which pointed to the DSS-X TC. DSS-X introduced the visible signature profile, which is a great addition with respect to PDF signing using DSS, but as far as I understood the DSS-X TC has not revised the abstract DSS Core profile in the sense that explicit support for PDF/PAdES signatures would have been added.

I was wondering if some publicly available guidelines or best practices exist for using DSS in combination with PDF/PAdES signatures? Are there any plans to augment the Core profile? While it is certainly possible to use it already, explicit support would probably foster interoperability between different solutions. Right now, full PAdES support would probably require an additional concrete profile, which currently would most likely be solution-specific.

Thanks a lot in advance for your help and comments, Martin Boßlet

[1] https://lists.oasis-open.org/archives/dss-dev/200707/msg00000.html

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]