[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Action item resolution - clarification of non-XML disig support
As a resolution of yesterday's action item, I propose to add change section 3.2.2 (Signature Formats) to be as follows: 3.2.2 Signature Formats · XML-DSIG · CMS/PKCS#7 (RFC 2630) · XML Time-stamp Token (see 3.3.1) · Extensible to others We will focus on XML-DSIG signatures applied to XML content, due to the high acceptance and use of XML digital signatures. Deployed signature solutions such as CMS are also important and should also be supported. Given that the XML Signature protocol interface must support the variety of options such as what is signed, where signatures are placed and what processing is performed, this interface should also be powerful enough to provide an interface to servers supporting other signature formats like CMS or OpenPGP. Thus we expect to be able to use a single XML based protocol for requests and responses, allowing either XML Signature or other signature formats to be returned (as typed objects, where a non-XML signature may be a base64 encoded blob) or submitted for verification. This does not mean that the DSS work group will define ASN.1 formats to extend existing signature formats or create additional custom interfaces, but rather that the one general solution should suffice to cover the core requirements while supporting a variety of server signature implementations. As areas are identified where this is not the case, they may be added to an issues list for future consideration. regards, Frederick Frederick Hirsch Nokia Mobile Phones
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]