Re: [dss-x] Comments on visible signature profile

[Andreas Kuehne <kuehne@trustable.de>]

Hi Juan Carlos,
see my comments itermixed:
> Below follow some comments related to the visible signature profile.
> They are on Committee Specification v01 of 8 May 2010
>
> Line 57:  "is related to the binary digital signature". I would
> propose to get rid of "binary" and leave "digital signature" only
> (this may be a CMS or a XML or even a PDF signature)....
>
I would guess the attribute 'binary' refers to the fact that we're
dealing with both, a 'binary' and a 'visible' aspect of a signature.
> Line 63: This is the first place where the term "visible Signatures"
> appears, without any definition. Befor that line  other terms have
> been used "visible information" (of the signature), "displayed
> information"...I am not sure about the usage of this term...in fact,
> the Part 6 of PAdES, which I would say could be strongly related to
> our profile has as title: "Visual Representations of Electronic
> Signatures". In its scope it defines:
>
> . Signature appearance: visual representation of the human act of
> signing placed within a PDF document at signing time and linked to an
> advanced electronic signature
>
> . Signature verification representation: visual representation of the
> verification of an advanced electronic signature.
>
> Link to part 6 of PAdES:
> http://etsi.org/deliver/etsi_ts/102700_102799/10277806/01.01.01_60/ts_10277806v010101p.pdf
>
>
> I would propose to consider the possibility of changing of hte term
> "visible signatures" for a term more accurate to what we mean, i.e., a
> visual representation of the signature...
Yes, like PAdES we are dealing with with both, a special type of digital
signature on a PDF. On the other hand we work with a visible
representation of a signature. Right from the start I was a bit unhappy
with this mixture of concerns. Probably we should separate and clearify
things here ...
>
> . Line 92: apparently another term "visible content"
>
> . Lines 96 to 98:  In the first line I read: "..the document already
> contain visible signature placeholders (named "signature fields")...",
> so this to me means that signature fields are fields for the visual
> representation of a signature....Then lines 97 to 98 read: "As part of
> the digital signature operation, the client will need to specify which
> signature field should be signed"...this to me means that some of the
> fields where the visual information will appear will actually be
> signed, and others no...but the key issue is that the term "signature
> field" is not a field where the digital signature goes, but the field
> where a visual representation of a digital signature appears....am I
> correct? and if so, wouldn't a change in the naming be worth?
I don't think so. Afaik the signature elements within the PDF structure
have names, even if it is just a empty placeholder. There may be a
visual representation of a signature, may there is none.
>
> . Line 266 to 276. FieldName...I copy the wording of the two first lines:
> "This optional input will define the identitiy of a signature field to
> be signed. This parameter will be sent when it is required to
> incorporate a visible signature into the given field."
>
> So the text seems to indicate that this field first identify the field
> to be signed (?) and second the field where the visual representation
> of the signature will be included... so, this seems to indicate that
> the visual representation has to be included in the field, and that
> this field must be signed....am I right?
>
Again, narrowed down to PDF that's true. A signature filed is identified
by its name. And it _may_ have a visual representation ...
What's true for PDF maybe completely different for office document
signatures and the austrian 2D signature.

Again, I was unhappy with the outline of this profile. I see the need
for a group of related profiles.
But anyway, we have to get along with this profile, somehow!
>
> Line 579. FieldName for optional input for verification. The spec
> reads that it  "willd efine the identitiy of a signature field to be
> verified"...what exactly validating only one field means?...and what
> is its relationship with the validation of a signgature?
>
A PDF document may contain many signatures. Each of them can be
identified by the FieldName. If you supply a FieldName for verification
you care just for the addressed signature, not the possible other ones.

Greetings,

Andreas

-- 
Andreas Kühne 
phone: +49 177 293 24 97 
mailto: kuehne@trustable.de

Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868

Directors Andreas Kühne, Heiko Veit

Company UK Company No: 5218868 Registered in England and Wales