[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [legalxml-enotary] Request to add agenda item to upcoming eNotaryTC meeting
Does that mean you still need instructions for validating the XML based on the XSD I've submitted, or not? From later e-mails in this thread, it sounds like you've already verified the XML samples I've provided. Please advise. Arshad Noor StrongAuth, Inc. John Messing wrote: > Agreed, although I later realized I may have (senior) momentarily > confused cryptographic validation with schema validation. > >> -------- Original Message -------- >> Subject: RE: [legalxml-enotary] Request to add agenda item to upcoming >> eNotary TC meeting >> From: "Mark Ladd" <mark.ladd@addison-one.com> >> Date: Fri, April 11, 2008 6:50 pm >> To: "'Arshad Noor'" <arshad.noor@strongauth.com>, >> <legalxml-enotary@lists.oasis-open.org> >> >> >> Arshad, >> >> Thank you for your prompt response. I was away from the office for extended >> periods today and you provided much better background information than I >> would have anyway. >> >> I saw John's follow-up email and would encourage continuing discussion on >> the list between now and the TC conference call. >> >> I will be attending a conference this weekend and early next week so I will >> likely be slow to respond, but look forward to the dialogue. >> >> >> Mark Ladd >> Addison/One, LLC >> 262-498-0850 >> >> mark.ladd@addison-one.com >> >> -----Original Message----- >> From: Arshad Noor [mailto:arshad.noor@strongauth.com] >> Sent: Friday, April 11, 2008 5:08 PM >> To: legalxml-enotary@lists.oasis-open.org >> Subject: Re: [legalxml-enotary] Request to add agenda item to upcoming >> eNotary TC meeting >> >> Being the consultant that John refers to in his e-mail, I will >> state this in my defense: >> >> While I did, indeed, choose to use the XML Signature (DSIG) >> standard for defining the elements within the eNotary XML Schema >> Definitions (XSD), there is nothing in DSIG that states you MUST >> use asymmetric-key based digital signatures to conform to it. >> Indeed, the DSIG standard allows for other cryptographic key- >> based signatures within its schema, and that is exactly what I >> took advantage of. >> >> The DSIG standard is a good one. While it is traditionally >> associated with PKI/Digital Signatures (in fact, John falls >> into that same trap when he assumes that), it is not restricted >> to just asymmetric-keys. It can be used with symmetric keys too >> (although there are security issues that must be taken into >> consideration when looking at any symmetric key-based signature >> standard). >> >> Since DSIG can use any cryptographic key scheme, it made sense >> to use such a well-known and accepted standard for the eNotary >> specification. And it does work. As evidence, the sample XML >> files that are included in the zip file sent to the TC, include >> two symmetric-key based eNotary documents that conform to the >> XSD I've created and which can be validated correctly by XSD >> verifiers. >> >> So, it is my contention that I have delivered within the spirit >> and terms of the contract, albeit a little later than planned >> due to unforeseen communication gaps and new requirements (see >> below). I have also indicated to the subcommittee that I plan >> to complete this project well before the originally scheduled >> completion date - September/October '08 instead of December '08. >> >> The deliverable has also gone above & beyond the original terms >> and it has accommodated two new business requirements not >> originally written into the contract: >> >> 1) The need to allow existing XML-aware applications to notarize >> documents by adding an element to their schema, rather than >> by wrapping it within an OASIS defined eNotary element. The >> XSD I've created now allows for both, providing maximum >> flexibility to the industry for new & legacy applications; >> >> 2) The need to have multiple notaries notarize a single document >> at different times and places; >> >> It is my goal to ensure that the eNotary standard has the widest >> acceptance by creating an XSD that is meaningful to everyone. In >> the spirit of that goal, I have already indicated to the leaders >> of the subcommittee, that I will do what is necessary to achieve >> that objective. I will reiterate that sentiment here to the TC. >> >> I believe, discussion around the rest of John's e-mail is up to >> the TC. >> >> Arshad Noor >> StrongAuth, Inc. >> >> >> John Messing wrote: >>> Unfortunately, despite the contractual commitment the consultant changed >>> his mind and decided he did not want to proceed that way. The TC >>> leadership has not seen its way to following through on its initial >>> vision, with the result that the project implementation dates are >>> grossly overdue and a new proposal, based once again on digital >>> signature technology, which will likely perpetuate the problems noted in >>> a and b above notwithstanding the status of xml dsig as an open standard >>> in non-notary settings, has been put forth in its place. >>> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. You may a link to this group and all your TCs in OASIS >> at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. You may a link to this group and all your TCs in OASIS >> at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]