OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ubl-security message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: Sample instances

At 2010-08-12 11:24 -0400, I wrote:
>p.s. in my schema work I found a *mandatory* attribute in the formal 
>digital signature schemas cited by the Security SC ... I have not 
>yet documented this to the Security SC until I complete the schemas 
>... please ensure you have a required attribute:
>
><odsig:document-signatures odsig:version="1.2"
>  xmlns:odsig="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0">

Okay, it looks like I've finished the schemas and the sample document 
I created from the web trawl is being successfully validated.

I note from the OASIS ODF committee that the 1.2 signature schema I'm 
using is labeled "cd05" which means it is not finalized:

   http://www.oasis-open.org/committees/office

Putting this out for PRD1 is fine, but there is a risk that it may 
not be finalized/approved as an OASIS standard by the time we go to 
PRD2.  The risk is that if we go out for PRD2 and possibly even CS1 
and OS with our specification that the ODF committee may change the 
schema fragment.

I can understand the desire to use the ODF wrapper for signatures, 
because I can imagine that there will be ODF signing software 
applications out there.  But will they be able to find the ODF 
signature if it isn't in an ODF document?  Said another way, would 
the software reject the document because it isn't ODF before it goes 
into the document looking for an ODF signature?

What I'm leading to is, should we replace the ODF construct with the following:

   <ublsig:document-signatures xmlns:ublsig="urn:X-figure-this-out-later">

I'm guessing it isn't a problem because Oriol has already been able 
to digitally sign and confirm the signature.

Oriol, can you determine if that software you used relies on the ODF 
wrapper?  If not, then I propose we create our own signature wrapper 
and not risk something changing in another committee.  If so, then we 
keep the ODF wrapper as it is at version 1.2.

Oriol, can you test signing an instance and testing that instance 
where that instance replaces <odsig:document-signatures> with the 
above proposed element?  That will help a lot, and if I can please 
get the immediate feedback from Security SC members, this will help 
guide my work over my committee hours this afternoon in Montreal.

Thanks!

. . . . . . . . . . Ken



--
XSLT/XQuery training:   after http://XMLPrague.cz 2011-03-28/04-01
Vote for your XML training:   http://www.CraneSoftwrights.com/o/i/
Crane Softwrights Ltd.          http://www.CraneSoftwrights.com/o/
G. Ken Holman                 mailto:gkholman@CraneSoftwrights.com
Male Cancer Awareness Nov'07  http://www.CraneSoftwrights.com/o/bc
Legal business disclaimers:  http://www.CraneSoftwrights.com/legal

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]