[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [spam] Re: [ubl-security] UBL-XAdES-Profile 1.0-RC1
We originally avoided binding the URI to a specific version of UBL because this methodology could be used with UBL 2.0 and later versions. I also would like to enphatise that this URI should be clearly represent a a profile for digital signatures with UBL. So the actual URI is in some way assciated to the above concept. http://docs.oasis-open.org/ubl/securitysc/cd-dsigp-1/signature But the new URI is too generic: http://docs.oasis-open.org/ubl/os-UBL-2.1/etc/signature-defined I agree that pointing to a permanent location is valuable, so as UBL 2.1 is a minor version I think the UBL-2.1 root is fine but the URI should be revised to meet the original intentions. For instance: http://docs.oasis-open.org/ubl/os-UBL-2.1/etc/profiles/dsig/signature-defined Cheers, Roberto > At 2010-08-11 17:14 -0400, I wrote: >>- in fact I now believe (after working on this document) that we >>should not use a simple string that is too easily ambiguous with >>what users might inadvertently use (yes, I know "UBL" is not common, >>but why use an ad hoc identification scheme when there is one we can >>use) and select two URNs for the values on lines 430 and 435, and >>the values along the lines of: >> >> <cac:Signature> >> >><cbc:ID>http://docs.oasis-open.org/ubl/securitysc/cd-dsigp-1/signature</cbc:ID> >> [...] >> >><cbc:SignatureMethod>http://docs.oasis-open.org/ubl/securitysc/cd-dsigp-1/xades-enveloped</cbc:SignatureMethod> >> <cac:SignatoryParty> >> <cac:PartyIdentification> >> >><cbc:ID>http://docs.oasis-open.org/ubl/securitysc/cd-dsigp-1/signature-defined</cbc:ID> >> </cac:PartyIdentification> >> </cac:SignatoryParty> >> [...] >> </cac:Signature> > > Something just came to mind regarding the URI strings: as is true > with namespaces, I think we typically do not include "CD" or "PRD" or > "CS" in URI strings because software working with the drafts will > have to change for the final version even if nothing changes in the > specification. > > We don't have to do it today, but I would like to take out the "cd-" > from the above strings so that when we go through the different > phases we will not have to change what we have in the examples. > > Moreover, after discussion with Jon, we should use URI strings that > will resolve to a file in the distribution (once the distribution is > mounted after final voting and standardization, so a *long* time from > today). > > Therefore I suggest we standardize the following: > > <cac:Signature> > <cbc:ID>http://docs.oasis-open.org/ubl/os-UBL-2.1/etc/signature</cbc:ID> > [...] > <cbc:SignatureMethod>http://docs.oasis-open.org/ubl/os-UBL-2.1/etc/xades-enveloped</cbc:SignatureMethod> > <cac:SignatoryParty> > <cac:PartyIdentification> > <cbc:ID>http://docs.oasis-open.org/ubl/os-UBL-2.1/etc/signature-defined</cbc:ID> > </cac:PartyIdentification> > </cac:SignatoryParty> > [...] > </cac:Signature> > > To support this, we then create in the distribution the following files: > > etc/signature/index.html > etc/xades-enveloped/index.html > etc/signature-defined/index.html > > When we have done this, then if any user sees the HTTP URI in a > signature and they blindly plug that HTTP URI into a web browser, > what they will see will be the index.html file that the SecuritySC > creates for the distribution. > > So we need three files from the SecuritySC, each one describing the > semantic represented by the URI used in the document. For example: > > etc/signature/index.html > "This URI identifies a signature in a UBL document that is > tied to the committee standardized extension for embedding > a digital signature" > etc/xades-enveloped/index.html > "This URI identifies the method of using the committee > standardized extension for embedding a digital signature" > etc/signature-defined/index.html > "This URI indicates that the party is identified in > the signature embedded in the committee standardized extension" > > ... or something along those lines. > > These will be the first pages we have that are resolved as URI > strings, so we have to think about the syntax and appearance, but we > don't have to do that for PRD1. But I think we do need the three > files for PRD1 so that we can get feedback on what we have to say in the > files. > > . . . . . . . . . . . . . Ken > > > -- > XSLT/XQuery training: after http://XMLPrague.cz 2011-03-28/04-01 > Vote for your XML training: http://www.CraneSoftwrights.com/o/i/ > Crane Softwrights Ltd. http://www.CraneSoftwrights.com/o/ > G. Ken Holman mailto:gkholman@CraneSoftwrights.com > Male Cancer Awareness Nov'07 http://www.CraneSoftwrights.com/o/bc > Legal business disclaimers: http://www.CraneSoftwrights.com/legal > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > -- * JAVEST by Roberto Cisternino * * Document Engineering Services Ltd. - Alliance Member * UBL Italian Localization SubCommittee (ITLSC), co-Chair * UBL Online Community editorial board member (ubl.xml.org) * Italian UBL Advisor Roberto Cisternino mobile: +39 328 2148123 begin_of_the_skype_highlighting +39 328 2148123 end_of_the_skype_highlighting skype: roberto.cisternino.ubl-itlsc [UBL Technical Committee] http://www.oasis-open.org/committees/ubl [UBL Online Community] http://ubl.xml.org [UBL International Conferences] http://www.ublconference.org [UBL Italian Localization Subcommittee] http://www.oasis-open.org/committees/ubl-itlsc [Iniziativa divulgativa UBL Italia] http://www.ubl-italia.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]