[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] Groups - oasis-dss-1.0-profiles-codesigning-spec-wd-01.doc uploaded
At 04:15 PM 3/16/2004 +0000, pkasselman@betrusted.com wrote: >The document oasis-dss-1.0-profiles-codesigning-spec-wd-01.doc has been >submitted by Pieter Kasselman (pkasselman@betrusted.com) to the OASIS >Digital Signature Services TC document repository. > >Document Description: >Abstract Code-Signing Profile - First Draft > >Download Document: >http://www.oasis-open.org/apps/org/workgroup/dss/download.php/5967/oasis-dss-1.0-profiles-codesigning-spec-wd-01.doc Hi Pieter, I see this profile adds asynchronous capabilities to the signing protcol. I.e.: - client makes 1st request, gets back a RequestReference instead of a signature - client waits some period of time - client makes 2nd request, sends RequestReference, gets signature It's a legitimate scenario, and it was in our Requirements for awhile, though we decided to remove it at the F2F. Anyways, adding this functionality through a profile sorta twists the intent, if not the letter, of the core protocol: - The 1st request returns a "success" but not a signature - the 2nd request doesn't contain any input documents (technically illegal, given the current schema). These aren't show-stoppers, but I wonder if there's a cleaner approach. Suppose we add a "Pending" or "TryAgainLater" ResultMajor code in the core, meaning that the client should try the exact same request at some later time. This would be simpler for the end-user: the software developer would just re-run his command-line tool, without having to keep track of the RequestReference. It would also have less impact on the protocol: we wouldn't need RequestReference, nor would we need to stretch the rules as above. Would this be a good solution? Minor Comments ----------------------- The latest template has some different boilerplate for the Abstract and Introduction. In particular, it calls the whole document a profile, as opposed to denoting "protocol profiles", "signature profiles", etc. separately. Don't feel obliged to change, but I think the latest text is clearer: http://www.oasis-open.org/apps/org/workgroup/dss/download.php/5985/oasis-dss-1.0-profiles-XYZ-spec-wd-04.pdf Line 152 - since this profile is abstract, it doesn't need a URI identifier. Line 154 - remove bracketed "[s]". Line 156-157 - if you're changing to the new boilerplate, change it from "the profiles in this document are based on the" to "this profile is based on the". Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]