RE: [dss] Comments: Async, Code-Signing, XAdES, ESeal

["Nick Pope" <pope@secstan.com>]

Trevor,

Thanks very much for going through this profile and correcting some of the
details.

I have uploaded a new version 05 of the entity seal profile with revision
marks highlighting the changes.

It was my intention to leave a certain amount of flexibility in the Entity
Seal profile, enabling interoperability for the basic functions but allowing
a certain amount of extension / variations to support additional
functionality.  Whether this makes the profile "abstract" or "concrete" I am
not sure.

More specifically on some your points:

2.6.1 Whether it is a "concrete" profile or not I do not think that
alternative underlying bindings should be precluded.  One binding is
recommended for interoperability but I can envisage situations where other
security solutions may be useful.

3.1.1 At this stage the form of Claimed identity should not be restricted.

3.1.1 The profile should not preclude use of other optional input.

5 The only part of XAdES this profile requires to be supported is signing
time.  Other elements may be supported, as with other extensions to the
Core.  I do not think that this is significant enough tp warrant mention in
the introduction.

6.1 Even though the RequesterIdentity is not an optional output it is still
set as part of the Sign process.

6.2 There is not need to further constrain the other signature properties
beyond what is in the Core.

Nick

> -----Original Message-----
> From: Trevor Perrin [mailto:trevp@trevp.net]
> Sent: 08 November 2004 08:42
> To: dss@lists.oasis-open.org
> Subject: [dss] Comments: Async, Code-Signing, XAdES, ESeal
>
>
>
> 'nother round of profile comments:
>
> (comments in change-tracking):
> http://trevp.net/dss/oasis-dss-1.0-profiles-asynchronous-processin
> g-spec-wd-04.doc
> http://trevp.net/dss/oasis-dss-1.0-profiles-eseal-spec-wd-04.doc
> http://trevp.net/dss/oasis-dss-1.0-profiles-XAdES-spec-wd-05.doc
>
>
> Code-Signing
> ------------------------------
> Section 1, the more recent profile template drops the terms "protocol
> profiles", "signature profiles", "processing profiles", since it was
> confusing to label the parts of a profile as profiles.  Instead it says
> "This document profiles the protocols, processing rules, etc.."
>
> Section 2.1, the 2 paragraphs should be more clearly linked, eg: "If it
> does so, "
>
> Section 3.1.1: this says async support is MUST, but Section 2.1
> said it was
> MAY.
>
> Sections 4 and 5 could be removed, and the Introduction revised in light.
>
> Section 6: what is a "ReferenceID"?  Also, the last bullet is truncated.
>
> Section 7, second bullet: s/transport or security/security/
>
>
> Trevor
>
>
> To unsubscribe from this mailing list (and be removed from the
> roster of the OASIS TC), go to
> http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_wor
> kgroup.php.
>
>
>