[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ubl-security] A Simpler Solution [was: Questions regarding the XAdES Profile]
Dear all, I understood we do not share a common line actually and I believe the reason is we are worried about different requirements (business or technical) and probably we are trying to force a solution that could be simpler. I try to provide an *alternative* solution that should fit all. This do not means the actual proposals are not good, but I please you to consider this new one to see if the read is shorter or cleaner. Firstly, I want respect two conditions: - UBL is meant for business - XAdES is meant for electronic signatures so I want keep isolated the two roles and this means I want keep the CoO as is and cac:Signature metadata as is meant to be used. Requirements: a) - Add more signatures by different actors into different times, possibly into different part of the document. b) - Keep some specific metadata about the signer (see CoO) where required c) - Ensure that subsequent signatures are not difficult to be applied and are not invalidating the previous. d) - Do not add complexity with additional scaffolding e) - Preserve actual UBL documents Solution steps: 1) Change the xpath filter to be used for signing an UBL document this way: - Remove from the signed data any cac:Signature metadata - Remove from the signed data all ext:UBLExtensions This filter should solve a) c) 2) Continue using the cac:Signature as metadata where required This solves b) e) 3) Add a new extension for each new XAdES signature and optionally reference the cac:Signature metadata (using one of the latest methodologies we initially approved) This supports a) b) c) d) e) If I am not wrong the idea is to keep signature metadata out of the signature content this way we are free to add subsequent signatures without invalidating nothing. Hope this helps. Roberto -- * JAVEST by Roberto Cisternino * * Document Engineering Services Ltd. - Alliance Member * UBL Italian Localization SubCommittee (ITLSC), co-Chair * UBL Online Community editorial board member (ubl.xml.org) * Italian UBL Advisor Roberto Cisternino mobile: +39 328 2148123 begin_of_the_skype_highlighting +39 328 2148123 end_of_the_skype_highlighting skype: roberto.cisternino.ubl-itlsc [UBL Technical Committee] http://www.oasis-open.org/committees/ubl [UBL Online Community] http://ubl.xml.org [UBL International Conferences] http://www.ublconference.org [UBL Italian Localization Subcommittee] http://www.oasis-open.org/committees/ubl-itlsc [Iniziativa divulgativa UBL Italia] http://www.ubl-italia.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]