[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ubl-security] Questions about the digital signature specification
Hi Jon, I believe Andrea Caccia is more expert on providing such clarifications, anyway I can say that XAdES is considered "advanced" compared to XMLDSIG because it solves legal issues like non-repudiation and long term validation of XML digital signatures. An advanced profile of XAdES is able to allow the validation of a document even after the certificate used to sign it has expired. Here there is probably a simple summary of XAdES capabilities and usage (profiles) http://en.wikipedia.org/wiki/XAdES > Hello UBL Security SC, > > I am finishing up the edits on the UBL Digital Signature specification > version 09 (will be 10) and have two questions for you. > > First, regarding this paragraph: > > <para>TS 101 903 is an XML electronic signature standard that can be > used to create different XML Advanced Electronic Signatures <xref > linkend="b_XAdES"/>. XMLDSig is a general framework for digitally > signing XML documents; XAdES extends XMLDSig for use with advanced > and qualified electronic signatures as specified in European Union > Directive 1999/93/EC. Use of XAdES is not limited to Europe, as it > is being adopted by many countries outside the EU and, at the time > of publication of this specification, it is undergoing > standardization in ISO TC 154 [ISO/CD 14533-2]. One important > benefit of XAdES is that the validity of electronically signed > documents can be extended for long periods, longer than the > expiration of the electronic certificates involved in signature > verification and also if underlying cryptographic keys and > algorithms security becomes inadequate.</para> > > I don't understand the ending of the last sentence. Could someone > please explain? > > Second, regarding this paragraph: > > <para>It is important to note that XAdES and XMLDSig define > digital signature processing rules and syntax but do not cover > the implementation of security measures required for an AdES, > which are out of scope for this document. Implementation may > depend on local regulations in place and specific provisions set > by the authority issuing the certificates supporting the > signature. The > implementer has to determine the set of requirements that > apply to the specific context of use and determine accordingly > the suitability of the standards and the specific profiles to be > used: an explicit advice is given to reference directly to any > regulation applicable to the specific context of use.</para> > > I don't understand the reference to "explicit advice." Would it be > possible to get more detail here? I believe this should be something like: For main use cases this specification provides the indication of the best XAdES profile to be adopted. Cheers Roberto > > Best regards, > > Jon > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > -- * JAVEST by Roberto Cisternino * * Document Engineering Services Ltd. - Alliance Member * UBL Italian Localization SubCommittee (ITLSC), co-Chair * UBL Online Community editorial board member (ubl.xml.org) * Italian UBL Advisor Roberto Cisternino mobile: +39 328 2148123 skype: roberto.cisternino.ubl-itlsc [UBL Technical Committee] http://www.oasis-open.org/committees/ubl [UBL Online Community] http://ubl.xml.org [UBL International Conferences] http://www.ublconference.org [UBL Italian Localization Subcommittee] http://www.oasis-open.org/committees/ubl-itlsc [Iniziativa divulgativa UBL Italia] http://www.ubl-italia.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]