OASIS Mailing List Archives

 



dss message



Subject: RE: [dss] OASIS DSS - SignatureObject on Input





At 10:15 AM 9/14/2004 -0400, Edward Shallow wrote:
>Intermixed.
>
>-----Original Message-----
>From: Trevor Perrin [mailto:trevp@trevp.net]
>Sent: September 14, 2004 12:00 AM
>To: ed.shallow@rogers.com
>Subject: Re: [dss] OASIS DSS - SignatureObject on Input
>
>
>Right now, the Signing protocol always returns a Signature Object.
>Presumably the client can insert that Signature Object into a document
>itself.  If the client doesn't want to do that, it can have the server
>insert the signature into an Input Document, and return that document, with
>the <SignaturePlacement> / <OutputDocument> options.
>
>[Ed] Not the use case I am referring to.

The above wasn't a description of a use case, it was a description of the 2 
current ways a returned signature can be inserted in a document (either the 
client can do it, or the client can ask the server to do it with the 
<SignaturePlacement> optional input).  AFAICT, you're requesting a 3rd 
way.  I don't understand why the above ways are inadequate to your scenario.


>You're considering the case where the client wants the Signature Object (a
>timestamp) inserted into a particular type of document (a different
>Signature Object).
>
>[Ed] No, not that one either. I clearly stated the use case involved the
>client's need to timestamp an "existing" signature whether it be an ASN1 or
>XMLDSIG one.

I understood that.  I thought it's what I described.

>  The scenario could be an internal corporate PKI wishing to have an
>independent timestamp applied to an existing internally created signature.
>Clearly the client needs to pass the signature in.

Yes.  It could pass the signature in as an Input Document.  The server will 
produce a Signature Object (a timestamp) which now must be inserted in the 
original signature (the Input Document) in some way.  There are 2 ways to 
do that, above.

I'd still like to understand why those ways don't work in your case, before 
we consider adding something new.


Trevor 


