OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Remarks on the ETSI - PAdES visible signature document

Hi All,


I went over the draft of the ETSI PAdES document and I have one general remark:


The document refers to using an image of a hand-written signature and requires getting the hand-written signature from the X509 Certificate of the signer.

I think that is a preferred option however, for the following reasons I think that the document should allow images to be selected by applications for the following reasons:

- It will take a while for CAs to enhance certificates with the new extension. And also what if the CA policy is not to enhance the certificate with a handwritten signature?

- A signer may have several graphical signatures (regular one, Initials, different colors of graphical signatures, …)

- The same may go for company Logo, should this also be part of the signer certificate as well?


I think that the document should be more flexible on this requirement and maybe tag the fact the image was retrieved from the certificate in a different manner (for example, mark this in the Visual Representation of the advanced signature) but still allow incorporating handwritten signatures or Logos as part of the signature ceremony.






Ezer Farhi | VP Engineering | ARX
phone: +972.3.9279529 | fax: +972.3.9230864 | email: ezer@arx.com | www.arx.com


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]