OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss] Timestamping

Gregor,

Mostly Yes I agree.  See below.

Nick

Trevor - let me know if you want me to have a go at producing specific
updates to the requirements document.

> -----Original Message-----
> From: Gregor Karlinger [mailto:gregor.karlinger@cio.gv.at]
> Sent: 31 March 2003 09:18
> To: 'Nick Pope'
> Cc: dss@lists.oasis-open.org; 'Trevor Perrin'
> Subject: RE: [dss] Timestamping
>
>
> Nick,
>
> > -----Original Message-----
> > From: Nick Pope [mailto:pope@secstan.com]
> > Sent: Tuesday, March 25, 2003 8:49 PM
> > To: Gregor Karlinger; 'Trevor Perrin'
> > Cc: dss@lists.oasis-open.org
> > Subject: RE: [dss] Timestamping
> >
> >
> > Gregor,
> >
> > I realised that I over simplified the situation.  There are three
> > situations:
> >
> > a] A time-mark is included within the signed data as an
> > indication/affirmation from the signatory of the signing time
> >
> > b] A time-stamp is included within the signed data, applied
> > against one or all the signed objects, as an affirmation from
> > an independent party of the time at which the signed data
> > existed, which is on or before the signing time.
> >
> > c] A time-stamp is applied over the signature as an
> > affirmation from an independent party that the signature was
> > created on or after the signing time.  If the signing time is
>           ^^^^^^^^^^^
> I think this should read "on or before", right?

Yes sort of - Sorry, I am confusing the signing time and the time-stamp
time. This should read:

c] ... the signature was created on or before the time-stamp time.

>
> > also included in the signed data (as in [a]) this can be used
> > to independently support this signing time and protects
> > against later repudiation of the signature.
> >
> > I think that I have it now matching the options in XAdES.
>
> According to XAdES, I would like to add the following item
>
> d] A time-stamp is applied over
>    - signature
>    - revocation information
>    - time-stamps not signed by the signature
>    by an archiving service in order to protect against weak algorithms,
>    and key compromise (see section 7.7.1 of XAdES).
>


Yes

[c] and [d] may also be applied by the verification service.

> /Gregor
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]