[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss-x] Comments on visible signature profile
Feedback inline.. On 25-6-2012 19:00, Juan Carlos Cruellas wrote:
I agree, the words binary and digital are so closely related... and both are about (format) representation not visualization ...Hi,Below follow some comments related to the visible signature profile. They are on Committee Specification v01 of 8 May 2010Line 57: "is related to the binary digital signature". I would propose to get rid of "binary" and leave "digital signature" only (this may be a CMS or a XML or even a PDF signature)....
Another proposal, if we reconsider "to view displayed information" (can we view non-displayed information?) as well: " (..) there is a need to visualize the (characteristics of the) digital signature."
Line 59, include " , the validity of the digital signature, " because usually this is one of the main items to consider.
Line 63: the phrase "the important element" does not add any useful information, and can be left out: Proposal:
" (..) information replace the digital signature." or:" (..) information replace the digital signature, it only visualizes the most relevant characteristics of the digital signature."
Agree, ... because in PDF (as an example) you can visualize a non-visible signature... (to make things worse).Line 63: This is the first place where the term "visible Signatures" appears, without any definition. Befor that line other terms have been used "visible information" (of the signature), "displayed information"...I am not sure about the usage of this term...in fact, the Part 6 of PAdES, which I would say could be strongly related to our profile has as title: "Visual Representations of Electronic Signatures". In its scope it defines:. Signature appearance: visual representation of the human act of signing placed within a PDF document at signing time and linked to an advanced electronic signature. Signature verification representation: visual representation of the verification of an advanced electronic signature.Link to part 6 of PAdES:http://etsi.org/deliver/etsi_ts/102700_102799/10277806/01.01.01_60/ts_10277806v010101p.pdfI would propose to consider the possibility of changing of hte term "visible signatures" for a term more accurate to what we mean, i.e., a visual representation of the signature...
The term 'visual representation of a digital signature' sounds good. We also need a short term...: 'visualized digital signature'?
That's right. The signature field only visualizes some characteristics of a digital signature. (The field is actually not 'signed', it's the document that is signed... and some characteristics are visualized and put into that field; it also incorporates some 'behaviour': whenever the user clicks on that field more information of the corresponding digital signature is visualized. ). Line 92: apparently another term "visible content". Lines 96 to 98: In the first line I read: "..the document already contain visible signature placeholders (named "signature fields")...", so this to me means that signature fields are fields for the visual representation of a signature....Then lines 97 to 98 read: "As part of the digital signature operation, the client will need to specify which signature field should be signed"...this to me means that some of the fields where the visual information will appear will actually be signed, and others no...but the key issue is that the term "signature field" is not a field where the digital signature goes, but the field where a visual representation of a digital signature appears....am I correct?
Line 98: "which signature field should be signed." --> proposal: "which signature field should be used to hold (contain) the visualized digital signature."
I think so :-) because the term 'signature field' is very PDF related... (we don't have signature fields in XML documents... )and if so, wouldn't a change in the naming be worth?
Proposal: 'signature field' --> 'signature visualization field'.
Agree. Note that the document is signed, not the field. The field is just a way to point to the location where the visualized digital signature has to be put.. Line 266 to 276. FieldName...I copy the wording of the two first lines:"This optional input will define the identitiy of a signature field to be signed. This parameter will be sent when it is required to incorporate a visible signature into the given field."So the text seems to indicate that this field first identify the field to be signed (?) and second the field where the visual representation of the signature will be included... so, this seems to indicate that the visual representation has to be included in the field, and that this field must be signed....am I right?
Line 579. FieldName for optional input for verification. The spec reads that it "willd efine the identitiy of a signature field to be verified"...what exactly validating only one field means?...and what is its relationship with the validation of a signgature?
Formally, a signature field cannot be verified. It is just a field. I would say:"This optional output will define the identity of a signature visualization field that corresponds to a (verified) digital signature."
Line 591: as part of the profile for the VerifyRequest:"This optional input will define whether the verification service should embed into the visible signature an (..)" this sounds a bit strange to me because the document will be changed: some new information is embedded into an existing field. Unless the visualization field is not part of the signed data.. such as newly created data. Maybe it was the idea to extend the document with new information (similar to PAdES-LTV)...???
Line 617: regarding Optional Output <FieldName>:"This optional output will define the identity of a signature field that is verified. This parameter will be replied for every signature field that is validated in the document as part of the signature validation service."
Note the ".. will be replied for every signature field .. ".How do you know to which digital signature it belongs? There is no reference... just a 'name' of a field. Maybe it is just a way to get all the fieldnames, and do a VerifyRequest for each of them..?? see line 580:
Line 580: "This optional input will define the identity of a signature field to be verified. This parameter will be sent in a scenario where it is required to validate only a certain field." (... a certain digital signature referenced by the field...)
From the text, it's purpose is not clear to me...
Regards Juan Carlos. --------------------------------------------------------------------- To unsubscribe, e-mail: dss-x-unsubscribe@lists.oasis-open.org For additional commands, e-mail: dss-x-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]