OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [OASIS Issue Tracker] Commented: (OFFICE-2656) NEEDS-DISCUSSION:Clarify when signatures operate on encrypted and when on unencrypted files.



    [ http://tools.oasis-open.org/issues/browse/OFFICE-2656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=19053#action_19053 ] 

Michael Brauer commented on OFFICE-2656:
----------------------------------------

Regarding your clarification, item 1:

I can't follow your reasoning here: If the digital signature stream is not encrypted, then all references to the signature stream reference the unencrypted data, because there is no encrypted data.
If the digital signature is encrypted, we say that the references reference the decrypted data. So, in both cases, the signature operates on the non-encrypted signature stream.

Or, is the issue maybe that we are talking about encryption only, and not about the compression that is implied by the encryption. So, when I say that an consumer shall decrypt a file, then I actually mean that is also shall decompress it. Maybe that is a source of confusion, and we should say:

If a digital signature file is not encrypted, consumers shall not decrypt and decompress files that are referenced by <Reference> elements and that are encrypted before validating the signature.
If a digital signature file is encrypted, consumers shall decrypt and decompress  files that are referenced by <Reference> elements and that are encrypted before validating the signature. 

Regarding #2: I fail to see how the resolution of a "#fragment" URI results in an empty URI. Can you explain which steps lead to that result?


> NEEDS-DISCUSSION: Clarify when signatures operate on encrypted and when on unencrypted files.
> ---------------------------------------------------------------------------------------------
>
>                 Key: OFFICE-2656
>                 URL: http://tools.oasis-open.org/issues/browse/OFFICE-2656
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: Sub-task
>            Reporter: Michael Brauer
>            Assignee: Michael Brauer
>
> The ODF 1.2 part 3 CD01 specification currently does not explicitly state how references to encrypted files are handled.
> There are two uses cases:
> a) A signature is applied to an encrypted document. In this case, the signature would operate on the encrypted files.
> b) A signed document is encrypted. In this case, the signature would operate on the unencrypted files.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]