If any measures are to be taken to address the issues raised by John Messing in the
email dated 10 December 2008 and archived at
there is another matter that might be addressed at the same time.
If the signer desires to use a cryptographic signature, he would be foolish to
apply the signature on the notary's computer (unless, perhaps, he is using a
smart card of some kind). If the signer and the notary cannot bring the
computers they use for cryptographic signatures into the same room,
it will be necessary for the signer to prepare the XML file in advance,
up to the point where he signs it. He would then bring or send the file
to the notary, and meet with the notary in person for the notarization
ceremony.
Since the <SignedDocument> element must exist, and have an ID, in order for
the signer to sign it, and since the ID contains arcane information about the
notary (such as her commission number and date of commission expiration)
it will be difficult for the signer to construct the ID without detailed advanced
communication with the notary. Indeed, if the ceremony will occur in a place
where several notaries are on duty, the signer may not know, at the time of
XML creation, which notary will perform the notarization, and will be unable
to construct the <SignedDocument> ID attribute.
Thus, it would be useful to modify the ID attribute for all elements that must
exist at the time the signer signs to avoid reference to information about the
notary.
Gerry Ashton