

Subject: Re: [office] ODF 1.2 PAS Submission comment JP5 - OFFICE-3869: proposal for discussion


Hi Oliver,

Oliver-Rainer Wittmann wrote:
> Hi,
>
> I am not an expert in the area of ODF encryption and digital signatures,
> but I would like to propose to combine what Dennis, Rob and Michael had
> been discussing.

I'm no expert either and have only mediocre knowledge of English, but nevertheless some comments:


> My proposal for our response to JP5 is:
> <proposal>
> We agree that the current wording might cause an uncertainty regarding
> the relationship between encryption and digital signatures.
> We suggest to replace the last two paragraphs of section 5.2 in Part 3 by:
> "If a digital signature file is not encrypted, any encrypted files
> covered by the digital signature are signed in their encrypted form as
> identified in META-INF/manifest.xml."

The part "as identified in META-INF/manifest.xml" is not clear to me. What thing is "identified"? What does "as identified" mean?

"each" instead of "any"?

I'm not sure about singular/plural in "digital signature file" (here and in your next paragraph). There is in part 3.5 "Digital signatures are stored in one or more files..." and in part 5.2 "The <dsig:document-signatures> root element serves as a container for any number of <ds:Signature> 5.3 elements" and the heading 5 "Digital Signatures File".

> and
> "If a digital signature file is encrypted using the encryption means
> specified for ODF 1.2 Packages, then the digital signature applies to
> the decrypted forms of all encrypted files in the package exactly as if
> they had not been encrypted.  (Note that in this case, the manifest,
> which is never encrypted, is different when there are encrypted files
> than when there are not.  In particular, the manifest must include the
> parameters that must be known to decrypt the encrypted digital signature
> files.)"

"digital signature applies to the decrypted forms of all encrypted files in the package"
This sounds to me as if all encrypted files need to be digitally signed?

Do not use "must". It is a normative key-word in OASIS, but not in ISO. Suggestion (similar to wording as in part 3.2):

"In particular, the manifest shall provide information required to decrypt the file correctly when the encryption key is also supplied."

> We also suggest to introduce a new section 3.9 "Interactions Between
> Encryption and Digital Signatures" with the following content:
> "An OpenDocument Package Producer that both encrypts and applies digital
> signatures to a document is advised to either first encrypt (per section
> 3.4) and then apply the digital signatures (per section 5) or to first
> apply the digital signatures and then encrypt.

Is "document" meant in the normative sense of part 3.1 "Unless otherwise stated, the term document refers to the document contained in the root of the package."?

> If the encryption is done first, the digital signature file is not
> encrypted. If the document is encrypted after applying the digital
> signatures, the digital signature file is encrypted - see also section 5.2.
> The perference is to first encrypt and then apply the digital signatures."
> </proposal>

Typo: perference --> preference


I'm not sure about "digital signature file is not encrypted" and "digital signature file is encrypted". Is this normative? If yes, shouldn't it be "shall not be encrypted" and "shall be encrypted"?

The proposal has the parts "is advised" and "preference". Is that possible in a norm?


> Please give feedback to this proposal.

Kind regards
Regina


