[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public comments from Inma
I propose to send out the following email in response to public
comments from Inma Marín inma@dif.um.es Thanks for your series of Comments on the OASIS DSS Core specification. Your input was greatly appreciated and has been taken into account in
the production of a revised CD which will be issued in the next few weeks for
public comment. In the mean time to let you know how the comment have been
addressed: Regarding your comments in the email of 6 Jun 2006 11:57:48 -0000 1. Regarding optional input <AddTimestamp>, in section 3.5.2.2
"Processing form XML signatures time-stamping" it is said that
"... the timestamp token created by the server shall be a
<ds:Signature>". However, most of the TSAs create RFC3161 timestamp
tokens, so I think it is recommended to take it into account and allow to embed
a RFC3161 timestamp token into a XML Signature. This has been added in 3.5.2.3 2. As far as verification of enveloping CMS signatures is concerned,
section 4.5 says: "2. [...]if the CMS signature is enveloping, it contains
its own input data and there MUST NOT be any input documents presents". On
the contrary, there are situations where we need to supply the original signed
document in order to check if the signed document (included in the CMS
signature) matches the document which was intended to be signed (original
document). If it is not possible to include the original document as an input
document in the VerifyRequest, maybe the service should return (in the
VerifyResponse) the signed document within the cms signature, so the client can
accomplish the matching (signed document against original document) by
himself. This feature is to be considered as an issue for future work. Regarding your comments in the email 16 May 2006 12:27:39 -0000 The handling of signature time-stamps has been significantly revised. Regarding your comments in the email 12 May 2006 11:52:31 -0000 The handling of signature time-stamps has been significantly revised. Regarding your comments in the email 25 Apr 2006 13:37:29 -0000 The revision to the handling of signature time-stamps has been revised
to clarify the handling of signature errors vs time-stamp errors. Regarding your comments in the email 21 Apr 2006 12:40:13 -0000 The handling of the verification time has been clarified. I will let you know as soon as the document has been released for the
final round of public comments. Regards Nick Pope (Chair OASIS DSS) |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]