[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] CMS Timestamps Core Review - PostScript
Edward Shallow wrote: > Hi Nick, Juan-Carlos, and Stephan, > > I have reached an impasse as I got deeper into the XML Timestamp review. > Content Timestamps in an XML setting are very tricky and greatly overlap > with the scope of the signature References themselves. I do not see an easy > way forward if I stay on this track. We could look at removing this > treatment altogether. That is, the handling of content timestamps on both > Sign and Verify altogether. The related problem is that the text for > Timestamp verification which is nailed down fairly nicely might also have to > be de-scoped to remove references to content Timestamp treatment. > > The last problem is that AddTimestamp as it is, ONLY covers adding > Timestamps to existing signatures and does not address adding Timestamps to > the signature being created Hmm... as of wd-30, the spec was clear that <AddTimestamp> was an optional input on the signing protocol, covering the *created* signature: "The <AddTimestamp> element indicates that the client wishes the server to provide a timestamp as a property or attribute of the resultant signature." The current text (wd-37) seems to have things backward: "The <AddTimestamp> element indicates that the client wishes the server to provide a timestamp token on the <ds:SignatureValue> element in XML signatures or the signature field in CMS signatures, as a property or attribute of the resultant signature (VerifyRequest) or the supplied signature (SignRequest)." Shouldn't that be supplied signature (VerifyRequest) or resultant signature (SignRequest)? Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]