[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ubl-security] Questions about the digital signature specification
Hi Jon,
I believe Andrea Caccia is more expert on providing such clarifications,
anyway I can say that XAdES is considered "advanced" compared to XMLDSIG
because it solves legal issues like non-repudiation and long term
validation of XML digital signatures.
An advanced profile of XAdES is able to allow the validation of a document
even after the certificate used to sign it has expired.
Here there is probably a simple summary of XAdES capabilities and usage
(profiles)
http://en.wikipedia.org/wiki/XAdES
> Hello UBL Security SC,
>
> I am finishing up the edits on the UBL Digital Signature specification
> version 09 (will be 10) and have two questions for you.
>
> First, regarding this paragraph:
>
> <para>TS 101 903 is an XML electronic signature standard that can be
> used to create different XML Advanced Electronic Signatures <xref
> linkend="b_XAdES"/>. XMLDSig is a general framework for digitally
> signing XML documents; XAdES extends XMLDSig for use with advanced
> and qualified electronic signatures as specified in European Union
> Directive 1999/93/EC. Use of XAdES is not limited to Europe, as it
> is being adopted by many countries outside the EU and, at the time
> of publication of this specification, it is undergoing
> standardization in ISO TC 154 [ISO/CD 14533-2]. One important
> benefit of XAdES is that the validity of electronically signed
> documents can be extended for long periods, longer than the
> expiration of the electronic certificates involved in signature
> verification and also if underlying cryptographic keys and
> algorithms security becomes inadequate.</para>
>
> I don't understand the ending of the last sentence. Could someone
> please explain?
>
> Second, regarding this paragraph:
>
> <para>It is important to note that XAdES and XMLDSig define
> digital signature processing rules and syntax but do not cover
> the implementation of security measures required for an AdES,
> which are out of scope for this document. Implementation may
> depend on local regulations in place and specific provisions set
> by the authority issuing the certificates supporting the
> signature. The
> implementer has to determine the set of requirements that
> apply to the specific context of use and determine accordingly
> the suitability of the standards and the specific profiles to be
> used: an explicit advice is given to reference directly to any
> regulation applicable to the specific context of use.</para>
>
> I don't understand the reference to "explicit advice." Would it be
> possible to get more detail here?
I believe this should be something like:
For main use cases this specification provides the indication of the best
XAdES profile to be adopted.
Cheers
Roberto
>
> Best regards,
>
> Jon
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail. Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>
>
--
* JAVEST by Roberto Cisternino
*
* Document Engineering Services Ltd. - Alliance Member
* UBL Italian Localization SubCommittee (ITLSC), co-Chair
* UBL Online Community editorial board member (ubl.xml.org)
* Italian UBL Advisor
Roberto Cisternino
mobile: +39 328 2148123
skype: roberto.cisternino.ubl-itlsc
[UBL Technical Committee]
http://www.oasis-open.org/committees/ubl
[UBL Online Community]
http://ubl.xml.org
[UBL International Conferences]
http://www.ublconference.org
[UBL Italian Localization Subcommittee]
http://www.oasis-open.org/committees/ubl-itlsc
[Iniziativa divulgativa UBL Italia]
http://www.ubl-italia.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]