Subject: Digital signature proposal
Hi,
please find below a proposal for adding digital signatures to ODF. It
consists of two parts. The first one adds digital signatures to ODF
packages in general. The 2nd describes how they are used in OpenDocument
documents.
Best regards
Michael
Digital Signatures (to be added to chapter 17, Packages)
========================================================
Files within a package may have a digital signature applied. Digital
signatures are stored in one or more files within the META-INF folder.
The names of these files *shall* contain the term "signatures". Each of
these files contains a <dsig:document-signatures> root element that
serves as a container for an arbitrary number of <Signature> elements as defined
by the [xml-dsig] specification. If the <dsig:document-signatures>
element contains multiple <Signature> elements, then there *should* be a
relation between the digital signatures they define, for instance, they
may all apply to the same set of files.
Applications *may* require that a digital signature includes a certain
set of files. That is, they *may* consider a digital signature to be
valid if, and only if,
* the digital signature itself is valid, and
* if the <Reference> child elements of the <Signature> element
reference a certain set of files.
In particular, applications *may* require that a digital signature
references all files contained in a package.
The schema for digital signatures is:

<?xml version="1.0" encoding="UTF-8"?>
<!--
    OASIS OpenDocument v1.2
    Draft1, 19 Oct 2006
    Relax-NG Manifest Schema
    $Id$
    © 2002-2005 OASIS Open
-->
<grammar
    xmlns="http://relaxng.org/ns/structure/1.0"
    datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
    xmlns:dsig="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"
    xmlns:xmldsig="http://www.w3.org/2000/09/xmldsig#">
    <define name="dsig-document-signature">
        <element name="dsig:document-signature">
            <oneOrMore>
                <ref name="xmldsig-signature"/>
            </oneOrMore>
        </element>
    </define>
    <start>
        <choice>
            <ref name="dsig-document-signature"/>
        </choice>
    </start>
    <define name="xmldsig-signature">
        <element name="xmldsig:Signature">
            <ref name="xmldsigMarkup"/>
        </element>
    </define>
    <!-- To avoid inclusion of the complete XMLDSIG schema, anything -->
    <!-- is allowed within a xmldsig:Signature element -->
    <define name="xmldsigMarkup">
        <zeroOrMore>
            <choice>
                <attribute>
                    <anyName/>
                </attribute>
                <text/>
                <element>
                    <anyName/>
                    <ref name="xmldsigMarkup"/>
                </element>
            </choice>
        </zeroOrMore>
    </define>
</grammar>

[xml-dsig] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/
Document and Macro Signatures (to be added to chapter 2)
========================================================
An OpenDocument document that is stored in a package may have one or
more digital signatures applied. A document signature is a digital
signature that is applied to all files contained in a package,
regardless of whether they are defined by this specification or are
application specific extensions. Document signatures are stored in a
file called META-INF/documentsignatures.xml in the package as described
in section [ref to package signatures]. A document signature *shall* be
considered to be valid only if it is valid itself, and if it is applied to
all files of the package.
A macro signature is a digital signature that is applied to macro code
and other executable code that may be contained in a package. Macro
signatures are stored in a file called META-INF/macrosignatures.xml in
the package as described in section [ref to package signatures]. Since
macro code and executable code is application specific, this
specification does not define to which files a macro signature has to
apply. However, an application *shall* consider a macro signature as
invalid if a package contains files to which the macro signature is not
applied, and which contain macro or executable code that the application
is able to execute.
Since a document signature is applied to all files, it includes the
files to which a macro signature is applied. A document may have
document and macro signatures applied simultaneously, and may have
further application-specific signatures applied.
--
Michael Brauer, Technical Architect Software Engineering
StarOffice/OpenOffice.org
Sun Microsystems GmbH Nagelsweg 55
D-20097 Hamburg, Germany michael.brauer@sun.com
http://sun.com/staroffice +49 40 23646 500
http://blogs.sun.com/GullFOSS
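
Added example, not part of the original message or of any ODF implementation: a Python check of the reference-coverage condition from the proposal (a document signature must be applied to all files of the package), run over a constructed in-memory package. It does not verify the signature cryptographically; the function names, the sample file names and the choice to exempt the signature file itself from the required set are assumptions.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DS = "{http://www.w3.org/2000/09/xmldsig#}"
SIG_FILE = "META-INF/documentsignatures.xml"

def unreferenced_files(package: bytes, sig_file: str = SIG_FILE) -> dict:
    """Map each <Signature> (by position) to the package files it does not reference."""
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        # Assumption: directory entries and the signature file itself are not required.
        required = {n for n in zf.namelist() if not n.endswith("/") and n != sig_file}
        raw = zf.read(sig_file)
    if b"<!DOCTYPE" in raw:  # refuse DTDs/entities in untrusted input
        raise ValueError("DOCTYPE not allowed in signature file")
    gaps = {}
    for i, sig in enumerate(ET.fromstring(raw).iter(DS + "Signature")):
        covered = set()
        # Only <Reference> elements under <SignedInfo> are bound by the signature value.
        for ref in sig.findall(f"{DS}SignedInfo/{DS}Reference"):
            uri = ref.get("URI", "")
            if uri and not uri.startswith("#"):  # skip same-document references
                covered.add(unquote(uri))
        gaps[i] = sorted(required - covered)
    return gaps

def build_sample() -> bytes:
    """Constructed sample package: signature 0 lists every file, signature 1 omits the macro."""
    files = ["mimetype", "content.xml", "META-INF/manifest.xml", "Basic/Standard/Module1.xml"]
    def sig(names):
        refs = "".join(f'<Reference URI="{n}"><DigestValue>placeholder</DigestValue></Reference>'
                       for n in names)
        return (f"<Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>"
                f"<SignedInfo>{refs}</SignedInfo></Signature>")
    xml = ("<dsig:document-signature xmlns:dsig="
           "'urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0'>"
           + sig(files) + sig(files[:3]) + "</dsig:document-signature>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in files:
            zf.writestr(name, "constructed content")
        zf.writestr(SIG_FILE, xml)
    return buf.getvalue()

if __name__ == "__main__":
    for index, missing in unreferenced_files(build_sample()).items():
        print(index, "references all files" if not missing else f"does not reference {missing}")
```

An empty list for a signature means only that its references cover the package; the signature value and each digest still have to be verified with an XML-DSig implementation.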