[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: inma@dif.um.es Name: Inma Marín Title: IT Consultant Organization: University of Murcia Regarding Specification: DSS Core Committee Draft 3 (DSS Core Elements) According to this specification, when a client wishes a signature to be timestamped by the server after validating it, he should use the <AddTimestamp> optional input in the <VerifyRequest>. However, it is not said how the signature should be returned (that is, what optional output should be used for this purpose). I suppose the following tasks should be accomplished: a) The <VerifyRequest> includes a <SignatureObject> with a <Signature> or <Base64Signature> --> the <VerifyResponse> includes an <UpdatedSignature> optional ouput containing the modified <SignatureObject> b) The <VerifyRequest> includes a <SignatureObject> with a <SignaturePtr> pointing to an <InputDocument> in which the signature to verify is --> the <VerifyResponse> includes an <UpdatedSignature> optional ouput containing the <SignatureObject> with the <SignaturePtr> and a <DocumentWithSignature> optional output including the document where the modifed signature is. c) The <VerifyRequest> does not include a <SignatureObject>, but there is a single <InputDocument> in which the to-be-verified signature is (enveloped signature) --> the <VerifyResponse> includes a <DocumentWithSignature> optional output including the document where the modifed signature is but, what happens with the <UpdatedSignature> optional output??. Could you be so kind as to tell me if this processing is correct, please? if not, how should be the format of the <VerifyResponse> in each situation? Thank you very much in advance. Inma.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]