[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] XML Time-sstamp and implied references. - related problems
Juan Carlos and all, I agree with the comment. I think that this can be deleted as this is already covered by 3.3.1 item 1d i: "i. If the <Document> has a RefURI attribute, the <ds:Reference> element’s URI attribute is set to the value of the RefURI attribute, else this attribute is omitted. A signature MUST NOT be created if more than one RefURI is omitted in the set of input documents and the server MUST report a RequesterError." I note however that there a few related issues Related problem 1 - No refURI in <DocumentHash> and <TransformedData> There is a related in problem with handling <DocumentHash> (as well as transformed data) as 3.3.6 (and 3.3.5) reference 3.3.1 item 1d which includes the processing of RefURI in <Document>. However, <DocumentHash> and <TransformedData> are both defined as an element of <InputDocument> instead of <Document>, and so does not have the attribute RefURI. Thus, I suggest that <DocumentHash> and <TransformedData> are both made elements of <Document>. Related problem 2 - 2.4.3 Definition of <TransformedData> This says name="DocumentHash" should be name="TransformedData" (presumeably cut and past error). Related problem 3 - 4.3.2.2 Item 11 This does not cover all the different ways of passing the Input Document (including Hash). I suggest that this references the general signature verification procedures in 4.3. Related Problem 4 - 4.3 Item 2. This does not cover the case of implied reference. Suggest add "The RefURI MAY be omitted in at most one of the set of Input documents. " Nick > -----Original Message----- > From: Juan Carlos Cruellas [mailto:cruellas@ac.upc.edu] > Sent: 17 February 2006 13:26 > To: DSS TC List > Subject: [dss] XML Time-sstamp and implied references. > > > Dear all, > > The core document, in its section 5.1.1 mandates that > > "For every input document being timestamped, there MUST be a single > <ds:Reference> element whose URI attribute references the document". > > I think that we should not be so restrictive. XMLDSIG allows for > ds:Reference elements without URI attributes, leaving the applications > the task of actually retrieving the documents. My opinion is that we > should also replicate this behaviour and allowing ds:Reference without > URI attributes for those situations (like XAdES signatures, for > instance) where applications making use of the time-stamps already know > how to get the time-stamped data objects and how to compute the > messageImprint. > > Regards > > Juan Carlos. > > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all your > TCs in OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]