[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ubl-security] UBL-XAdES-Profile 1.0-20100501 - Draft 05
Hi all, I have another last point with the spec. It's about paragraph starting at 474 and basically about the mandatory use of an XPATH expression as a ds:Transgorm. The MUST use Xpath expression is as follows: <XPath xmlns:odsig="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"> count(ancestor-or-self::odsig:document-signatures | here()/ancestor::odsig:document-signatures[1]) > count(ancestor-or-self::odsig:document-signatures) </XPath> If the purpose of that XPath expression is to exclude the contained ds:Signatures within the odsig:document-signature as stated in the document, we could use other Xpath expressions so maybe we could define the Xpath as a recommendation, but allowing for the others as they are already implemented in National signature validation systems. My proposal then is to change that paragraph to: · each <ds:Signature> MUST contain a single transformation <ds:Transform> within <ds:Transforms>. The XPath expression contained in <ds:Transform> MUST exclude all the <ds:Signature> elements and their contents. It is recommended using the following XPath expression: <XPath xmlns:odsig="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"> count(ancestor-or-self::odsig:document-signatures | here()/ancestor::odsig:document-signatures[1]) > count(ancestor-or-self::odsig:document-signatures) </XPath> I am attaching the document with the changes
UBL-XAdES-Profile 1.0-20100501.doc
Best regards, Oriol El 10/05/2010, a las 19:41, Roberto Cisternino escribió: > Perfect ! > >> I agree we need to change the title but "security" is a bit general one, I >> suggest "UBL Electronic Signature Profile 1.0", it is more related to >> current content. >> >> Andrea >> >> >> Il giorno 10/mag/2010, alle ore 18.27, Roberto Cisternino ha scritto: >> >>> Ok, >>> we are coming back to the original intentions. >>> >>> I would suggest to change the title of the specification as well. >>> >>> "UBL Security Profile 1.0" would be better as it really introduces a set >>> of profiles represented by normative URIs (not limited to XAdES) >>> >>> Also this new name will reflects the Subcommittee name. >>> >>> Roberto >>> >>>> Hi Andrea >>>> >>>> ok then I agree. I would be glad to add these two new profiles using >>>> XMLDsig as well. I think that the recomendation will be stronger. >>>> >>>> >>>> >>>> Regards, >>>> Oriol >>>> El 10/05/2010, a las 02:57, Andrea Caccia escribió: >>>> >>>>> Hi Oriol, >>>>> I think there is a point to clarify. >>>>> The main purpose to identify the profile with the URI is not to point >>>>> to >>>>> the signature but to identify the way the document was signed. >>>>> Especially in case of detached signature it can be useful for: >>>>> - knowing that the document is signed. This should trigger some part >>>>> of >>>>> the software to do some action to get and verify the signature >>>>> - set the signature verification and document validation processes >>>>> according to the rules stated in the profile. >>>>> The second point is especially useful to allow and support explicitly >>>>> XMLSig in addition to XAdES. >>>>> I propose, to consider your request to support also XMLDsig, to add 2 >>>>> profiles for XMLDSig (enveloped and detached) in addition to the >>>>> previous ones, in order to be able to select the right way to verify >>>>> the >>>>> signature when receiving a document. >>>>> What do you think? >>>>> >>>>> Andrea >>>>> >>>>> >>>>> Il giorno 06/mag/2010, alle ore 09.28, Oriol Bausą Peris ha scritto: >>>>> >>>>>> Hi Andrea, >>>>>> >>>>>> Here you have a quick revision of the document. >>>>>> >>>>>> Oriol >>>>>> >>>>>> <UBL-XAdES-Profile 1.0-20100501.doc> >>>>>> El 06/05/2010, a las 04:56, Andrea Caccia escribió: >>>>>> >>>>>>> Sear All, >>>>>>> I attach the new version of the draft. >>>>>>> This should take into account the comments received and there are >>>>>>> some >>>>>>> comment inside the document on issue that needs to be discussed. >>>>>>> There is a version with revision control, to view changes, and >>>>>>> another >>>>>>> (with "clean" in the name) without it. >>>>>>> In case someone would like to insert comments or changes directly in >>>>>>> the document, please use the clean version (activating revision >>>>>>> control). >>>>>>> I have not inserted the >>>>>>> "ext:UBLExtensions/ext:UBLExtension/ext:ExtensionReasonCode" to >>>>>>> include an identifier for the purpose of the signature: the reason >>>>>>> is >>>>>>> that there is a dingle UBL Extension containing all the signatures >>>>>>> and >>>>>>> it is not correct to assign the same role to all signatures. >>>>>>> For this purpose XAdES has the possibility to define the role of the >>>>>>> signer and, if those already defined are not enough, other can be >>>>>>> added. >>>>>>> I have to send the document to the TC for next week, I'm asking to >>>>>>> please send any comment not later than tomorrow >>>>>>> >>>>>>> Andrea >>>>>>> >>>>>>> >>>>>>> <UBL-XAdES-Profile 1.0-20100501-clean.doc><UBL-XAdES-Profile >>>>>>> 1.0-20100501.doc> >>>>>>> >>>>>>> >>>>>>> --------------------------------------------------------------------- >>>>>>> To unsubscribe from this mail list, you must leave the OASIS TC that >>>>>>> generates this mail. Follow this link to all your TCs in OASIS at: >>>>>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >>>>>> >>>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe from this mail list, you must leave the OASIS TC that >>>> generates this mail. Follow this link to all your TCs in OASIS at: >>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >>>> >>>> >>> >>> >>> -- >>> * JAVEST by Roberto Cisternino >>> * >>> * Document Engineering Services Ltd. - Alliance Member >>> * UBL Italian Localization SubCommittee (ITLSC), co-Chair >>> * UBL Online Community editorial board member (ubl.xml.org) >>> * Italian UBL Advisor >>> >>> Roberto Cisternino >>> >>> mobile: +39 328 2148123 > begin_of_the_skype_highlighting +39 328 > 2148123 end_of_the_skype_highlighting > begin_of_the_skype_highlighting >>> +39 >>> 328 2148123 end_of_the_skype_highlighting >>> skype: roberto.cisternino.ubl-itlsc >>> >>> [UBL Technical Committee] >>> http://www.oasis-open.org/committees/ubl >>> >>> [UBL Online Community] >>> http://ubl.xml.org >>> >>> [UBL International Conferences] >>> http://www.ublconference.org >>> >>> [UBL Italian Localization Subcommittee] >>> http://www.oasis-open.org/committees/ubl-itlsc >>> >>> [Iniziativa divulgativa UBL Italia] >>> http://www.ubl-italia.org >>> >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >> >> > > > -- > * JAVEST by Roberto Cisternino > * > * Document Engineering Services Ltd. - Alliance Member > * UBL Italian Localization SubCommittee (ITLSC), co-Chair > * UBL Online Community editorial board member (ubl.xml.org) > * Italian UBL Advisor > > Roberto Cisternino > > mobile: +39 328 2148123 > skype: roberto.cisternino.ubl-itlsc > > [UBL Technical Committee] > http://www.oasis-open.org/committees/ubl > > [UBL Online Community] > http://ubl.xml.org > > [UBL International Conferences] > http://www.ublconference.org > > [UBL Italian Localization Subcommittee] > http://www.oasis-open.org/committees/ubl-itlsc > > [Iniziativa divulgativa UBL Italia] > http://www.ubl-italia.org > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]