OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: On PAdES profile

Dear all,

I have been re-reading the current existing specifications for AdES signatures and for Visible signatures. Looking at the structure of the first one, it includes one abstract profile (AdES) and two concrete profiles (CAdES and XAdES related). Looking at the specificities of PAdES, as Martin mentioned, PAdES generation and validation requests may also include contents related to the appearance of the signature or of the signature validation within the document. My feeling is that the inclusion of this part within the document that profiles XAdES and CAdES signatures management, even if it is by inheriting or incorporating the specifications of visible signatures, would somehow break the homogeneity of the document. I mean, as it is now, the three parts of the document are similar in structure and parallel in contents, and this is so because through time, there have been efforts to keep XAdES and CAdES themselves aligned (although not completely successful in certain details). The incorporation of PAdES would somehow break this strong parallelism: for instance, PAdES does not manages references to validation material (i.e. their digest values) and as Martin points out the repertoire of forms is not similar to XAdES and CAdES one....not to mention all the potential optional inputs for requesting the generation of the visual appearance of the signature itself...

In the view of that, I would say that at this point in time I would be lightly inclined to generate a new document fully dedicated to PAdES generation and validation protocols, which, on one side would be a concrete instantiation of the AdES (further constraining some URIs etc.) and on the other would incorporate the visible signature profile....

What I would suggest is that each operation (SignRequest, ValidationRequest) is structured in two parts: the first one following as much as possible the concrete porfiles of XAdES and CAdES in its inner structure and a second part devoted to the visible aspects...

I do not have a very strong position on that, but as we had mentioned that during this time we should try to make our minds on this topic....


Juan Carlos.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]