Hello Pim,
Thanks for the comments.
Answers below.
Regards,
Ezer
-----Original Message-----
From: Pim van der Eijk
[mailto:pvde@sonnenglanz.net]
Sent: Friday, January
09, 2009 5:28 PM
To: Ezer Farhi; 'Konrad Lanz'
Cc: 'dss-x'
Subject: RE: [dss-x] Visible
Signature Profile
Hello Ezer,
Thanks for sending the updated draft. Here are some comments:
- Some of the extension element are general extension elements, or document type-specific extensions elements rather than extensions related to the signature being "visual" or displayed. An example is the PDF "reason", "location", ContactInfo". It would be clean to separate those from the visual aspects. E.g. PDF "location" is the same as XAdES "SignatureProductionPlace".
EZER – I agree with your point and also this issue was raised in the past. We need to discuss this in the meeting.
- If this profile is to support manipulation of PDF documents, it would be nice if it would support explicitly setting the P entry for MDP signatures in the DSS request. "A value of 1 for P indicates that the document is intended to be final; that is, any changes invalidate the signature. The values 2 and 3 permit modifications that are appropriate for form field or comment workflows."
EZER – If you refer to PDF “Certify” operation I agree that this option should be included in the protocol. I think it should be “generally” incorporated to the protocol.
- There is a relation with the multiple verification report profile: when verifying e.g. a PDF document, the verify response should list the validity report of signatures that includes field names (as they typically express user roles).
EZER – You are right. And the question is raised again to whether a signature field terminology will be defined in the Visual Signature profile? Both profiles?
- 2.3.1.2.1.2 <IncludeVisibleIndication/>, could we have something like <VisualDisplayConfig /> here so that in addition to visual validation status other verification information can be displayed visually? E.g. the time and date of validation. Is this to be used in conjunction with <ReturnUpdatedSignature/>?
EZER – That’s a good point. I will incorporate that into the document.
- 2.3.2.2 refers only to <Base64Data/>, but the server could also return the modified document as an attachment.
EZER – Right. I will incorporate that into the document.
Good weekend and talk to you on Monday.
Kind regards,
Pim
From: Ezer Farhi [mailto:Ezer@arx.com]
Sent: 06 January 2009 13:36
To: Pim van der Eijk; Konrad Lanz
Cc: dss-x
Subject: [dss-x] Visible Signature
Profile
Hi Pim and Konrad,
On next Monday we will progress with the Visible Signature profile.
I thought of going through a presentation that summarizes the current status of the profile in terms of requirements/decisions made so far and presenting the basic structure of the profile.
Attached to this email, a first draft of the presentation as well as an updated profile document.
Appreciate if you can go over the presentation and help me with ideas/remarks you have.
Also, appreciate remarks on the updated profile document.
Best Regards,
Ezer
