OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: core proposed changes


We discussed 2 changes at the last call:
  - mentioning that we support client handling of manifests
  - clarifying <ReturnSigningTime> / <SigningTime>, particularly in the 
case where which value to return is ambiguous.

Here's proposed text:


OLD 2.4---------------------
The <InputDocuments> element is used to send input documents to a DSS 
server, whether for signing or verifying.  An input document can be any 
piece of data that can be used as input to a signature or timestamp 
calculation.  An input document can even be a signature or timestamp (for 
example, a pre-existing signature can be counter-signed or timestamped).

NEW 2.4---------------------
The <InputDocuments> element is used to send input documents to a DSS 
server, whether for signing or verifying.  An input document can be any 
piece of data that can be used as input to a signature or timestamp 
calculation.  An input document can even be a signature or timestamp (for 
example, a pre-existing signature can be counter-signed or 
timestamped).  An input document could also be a <ds:Manifest>, allowing 
the client to handle manifest creation and verification while using the 
server to create and verify the rest of the signature.


OLD 4.6.5---------------------
The presence of the <ReturnSigningTime> optional input instructs the server 
to return a <SigningTime> output.  This output typically gives the client 
access to a time value carried within a signature attribute or a signature 
timestamp.  If no such value is present, and the server has no other way of 
determining when the signature was performed, the server should omit the 
<SigningTime> output.

NEW 4.6.5---------------------
The presence of the <ReturnSigningTime> optional input instructs the server 
to return a <SigningTime> output.  This output typically gives the client 
access to a time value carried within a signature attribute or a signature 
timestamp, or within a timestamp token if the signature itself is a 
timestamp (e.g. see section 5.1.1).  If no such value is present, and the 
server has no other way of determining when the signature was performed, 
the server should omit the <SigningTime> output.  If there are multiple 
such values present, behavior is profile-defined.


Trevor

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]