[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Processing for RFC 3161 Tiemstamps on XML Signatures
Hello,
Regarding the processing for RFC3161 Timestamp on XML Signatures (section
3.5.2.3 in Draft v5 – OASIS DSS Core Specification), it is said that “If the
type attribute in this optional input is urn:ietf:rfc:3161 and […] the XML
Signature MUST contain an RFC3161, placed in a <xades:EncapsulatedTimeStamp>
within a <xades:SignatureTimeStamp>”. Does it mean that the XAdES profile
have to be supported by the service? However, XAdES is an extension to
XMLDSig that do not have to be supported by every client. On the other hand,
have you considered following the same approach as CMS Signatures? I mean
maybe the RFC3161 Timestamp could be added to the signature as an unsigned
property in (or similar to) the following way:
<ds:Signature Id=”signature1”>
….
<ds:Object>
<ds:SignatureProperties>
<ds:SignatureProperty Target="#signature1">
<dss:Timestamp xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema">
<dss:RFC3161TimeStampToken>MIICFwY…N3tI=</dss:RFC3161TimeStampToken>
</odss:Timestamp>
</ds:SignatureProperty>
</ds:SignatureProperties>
</ds:Object>
</ds:Signature>
I do not know if this is possible, but I thought it is an alternative to
XAdES approach.
Could you be so kind as to tell me your expert opinion, please?
Thank you very much in advance.
Inma.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]