[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss-x] Signature policy profile
Hi Andreas,I hereby second the statement 'the Sig Policy profile is supported by the core' - sorry for raising my voice although not raising concerns ;-)
All the best signature policies to all of us, Stefan. Am 03.05.18 um 00:05 schrieb Andreas Kuehne:
Hi all, today I had a short mail chat with Peter Lipp, part of the ETSI verification report task force. He mentioned their need for the Sig Policy profile. I did check my old mails and documents and found out that major parts of it are included in the core 2.0 (URIs of ServicePolicyin OptionalInput, AppliedPolicyin OptionalOutput). What's left out from Juan Carlos original profile is a mechanism to include the hash of the policy document into the request / response. I'm not convinced that it is necessary to hash a content that is already identified by a unique identifier. Moreover digesting a non-canonicalized object is a dangerous approach. In general, is there a need to double-ensure that a URI really means what it means? Please come up with a reason if you know one. Another aspect that wasn't transferred to core is an option to enumerate server-supported policies using a sign request. This breaks the sematic of the sign request. It should be handled by a service self describing interface. My current statement is 'the Sig Policy profile is supported by the core'. Please raise your concerns if you cannot agree to this view. Greetings, Andreas -- Andreas Kühne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas Kühne Company UK Company No: 5218868 Registered in England and Wales
-- Stefan Hagen read://shagen.de talk: eventually
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]