OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: plans for next draft


Here's a small packet of plans, and a couple questions, for the next 
draft.  The "plans" are things that I'd like to incorporate in another 
draft, in the next day or two.


Plans (that at least a few people support)
-------------------------
1)  Add a <dss:Timestamp> which contains a child <dss:XMLTimeStampToken> 
(our current <Tst>) or <dss:RFC3161TimeStampToken>, or other, per Nick's 
suggestion [1].

2)  Add an optional <dss:TSA> of type dss:NameType to the current 
<dss:TstInfo> (per Dimitri and Nick's suggestions [2,1], with my suggestion 
of using <dss:Name> instead of a URI).

3)  Rename <dss:Options> to <dss:OptionalInputs>, per John's suggestion on 
call.

4)  Add a 'type' QName attribute to the <ContentTimestamp>, 
<SignatureTimestamp>, and <ReturnUpdatedSignature> optional inputs.  This 
allows these optional inputs to be extended, per Frederick's suggestion [3].


Other Plans
-------------------------
5)  Add a <dss:RequestorIdentity> element.

6)  Add an optional input on Verify to return the post-transformed data, 
i.e. the data that was actually signed.


Questions
-------------------------
1)  Should we add an optional <Extensions> to the current <TstInfo>, per 
Nick's suggestion [1]?  Tim had a bit of skepticism towards this [4], or at 
least thought we should clarify what it might be used for, and how 
extensions should be processed if not recognized.

RFC 3161 has an extension field, borrowed from X.509 certificates, which 
tags each extension with a "criticality" flag.  So far we've avoided 
criticality/mustUnderstand bits.

So if we added a TstInfo/Extensions, should we add it as type <xs:any>, or 
do we want it more RFC 3161-like, with critical/noncritical extensions?

2)  Should we update the <dss:Signature> element so that it can contain a 
<dss:Timestamp> (thus you can sign/verify time-stamps)?

3)  Should we change the text to clarify that time-stamping is just a 
profile of the Signing and Verifying Protocols, and not a separate 
profile?  And start work on such a profile?



Trevor

[1] http://lists.oasis-open.org/archives/dss/200311/msg00093.html

[2] http://lists.oasis-open.org/archives/dss/200311/msg00061.html

[3] http://lists.oasis-open.org/archives/dss/200311/msg00100.html

[4] http://lists.oasis-open.org/archives/dss/200311/msg00095.html

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]