OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [dss-x] Schema problem refrerring to en external document as signature input

Hi Ernst Jan,

> as far as I remember from discussions the DSS-core does not allow
> references to documents elsewhere. It can only refer to an attached
> (included) document (element <AttachmentReference>).
>
thanks, I cannot remember that discussion. Was this limitation
introduced to prevent the server from being used as a platform for
DoS-attacks?

In the core we have several points like 'If the RefURI attribute
references within the same input document then [...]' and 'If the
<ds:Reference> uses an external URI and the corresponding input document
is not present, [...]' what could lead to the idea that there is no
restriction on external references. And a result code
'ReferencedDocumentNotPresent' make no sense if documents are embedded
always ...

Even the DSS core is full of miracles ;-)

Greetings,

Andreas
> Regards
>
> Ernst Jan
>
> On 19-3-2013 11:22, Andreas Kuehne wrote:
>> Hi all,
>>
>> I just took advantage of traveling time to add new test cases to our
>> dss suite. I want to create a signature on a referenced document with
>> a request element like this:
>>
>>     <dss:SignRequest
>> xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema" >
>>         <dss:OptionalInputs>
>>     <dss:SignatureType>urn:ietf:rfc:3275</dss:SignatureType>
>>         </dss:OptionalInputs>
>>         <dss:InputDocuments>
>>             <dss:Document ID="ExtDocId"
>>    
>> RefURI="localhost:8080/trustApp/sig/static/dssTest/testDocument.xml"/>
>>         </dss:InputDocuments>
>>     </dss:SignRequest>
>>
>> But this breaks the schema as the Document elements needs some child
>> object ...
>> Did I built a broken request? Or did we miss the case of signing an
>> externally referenceable document?
>>
>> Greetings,
>>
>> Andreas
>> -- 
>> Andreas Kühne
>> phone: +49 177 293 24 97
>> mailto:kuehne@trustable.de
>>
>> Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna
>> Amtsgericht Hamm HRB 5868
>>
>> Directors Andreas Kühne, Heiko Veit
>>
>> Company UK Company No: 5218868 Registered in England and Wales
>
>


-- 
Andreas Kühne 
phone: +49 177 293 24 97 
mailto: kuehne@trustable.de

Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868

Directors Andreas Kühne, Heiko Veit

Company UK Company No: 5218868 Registered in England and Wales

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]