[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes of Conf Call dealing with Timestamp Coverage in the Core and Profiles
Minutes/Decisions of Scype Call with Juan-Carlos Feb 14, 11:00 EST We used the Use-Case Combinations as the agenda and went through them one-by-one. Actually we only had to go through the first 8 as the second set ended up being the same issues and decisions. I'll just itemize them again for the reader's convenience. Decisions, scope, and placement points follow: Combination 1 - Sign CMS Content Standalone Combination 2 - Sign CMS Content Embedded Combination 3 - Sign CMS Signature Standalone Combination 4 - Sign CMS Signature Embedded Combination 5 - Verify CMS Content Standalone Combination 6 - Verify CMS Content Embedded Combination 7 - Verify CMS Signature Standalone Combination 8 - Verify CMS Signature Embedded Combination 9 - Sign XML Content Standalone Combination 10 - Sign XML Content Embedded Combination 11 - Sign XML Signature Standalone Combination 12 - Sign XML Signature Embedded Combination 13 - Verify XML Content Standalone Combination 14 - Verify XML Content Embedded Combination 15 - Verify XML Signature Standalone Combination 16 - Verify XML Signature Embedded Decisions and Placement: Combination 1 and 9: Should be covered in the Timestamp Profile. Small wording clarifications required. Combination 2 and 10: Relegated to the XAdES profile which actually covers both XAdES (TS 101 903) and CMS-specific TS 101 733. Clarification/referral text to be added to section 3.5.2 Combination 3 and 11: Should be covered in the Timestamp Profile. Small wording clarifications required. Lines 1831-1835 of the core also to be revised to resolve URI attribute conflicts between core and XAdES. Combination 4 and 12: Will be covered by core under 2 <AddTimestamp> scenarios: a) create both a signature and an embedded timestamp as part of the SignRequest and b) if a signature is passed in on the SignRequest with <AddTimestamp> just embed the timestamp (unauthenticated attribute). Text to be adjusted in 3.5.2 and its sub-sections. (thanks for the note Trevor) Combination 5 and 13: Should be covered in the Timestamp Profile. Perhaps text can be salvaged and moved to the Timestamp profile. Combination 6 and 14: This was the sticky one !!! Relegated to XAdES (TS101733 and TS101903 parts). However the core has a responsibility with respect to this use-case as the verification results could be misleading and inappropriate (i.e. false positive). Core to return a resultmajor:RequesterError with a resultminor:NotSupported if the incoming signature contains an authenticated attribute whose content type is OID value 1.2.840.11359.1.9.16.1.4 Text to be changed in section 4.3.2 and sub-sections. Combination 7 and 15: Should be covered in the Timestamp Profile. Small wording clarifications required. Combination 8 and 16: Will be covered by core. Most of the text is there, but we must add a new section to cover the <AddTimestamp> OptionalInput on a Verify call which is missing and required. This section will be added as 4.6.9 As it turns out, all Standalone Combinations go to the Tiemstamp Profile and all even Combinations go to either the core or XAdES Other Work Assignment Decisions: - Changes to be applied in 2 passes: - Pass 1 Ed to modify/enhance sections 3.5.2 and 3.5.2.1, sections 4.3.2 and 4.3.2.1 - Pass 2 Juan-Carlos to review Ed's changes and then modify sections 3.5.2.2 and 4.3.2.2, additionally Juan-Carlos to fix 5.1.1 and add the new 4.6.9 - all changes required in the Timestamp Profile have yet to be assigned. Cheers, Ed
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]