OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss] CMS

At 02:00 AM 4/21/2004 -0400, Edward Shallow wrote:
>[Trevor]:
>I had 2 previous questions about your approach to CMS:
>   a) how would you do client-side hashing with enveloping CMS signatures?
>[i.e. if an enveloping signature is included in a <Base64Signature>].
>
><ed>
>In the CMS world, there is really only detached and enveloping. Presently
>the core is not sufficiently specific on SignatureType for a Sign, although
>I suppose we can add additional URNs in section 7.1 to further specify CMS
>sub-types.

Yeah, we'll have to do something like that.


>b) which SignerInfos does the server verify?  All?  The first?  The one
>indicated by the client?
><ed>
>We would not be working with SignerInfos in the core in this scenario, so
>this is rhetorical. See below for the XMLDSIG answers.

In your proposal, the client sends a SignedData.  When a SignedData 
contains multiple SignerInfos (co-signatures or counter-signatures), what 
does the server do?

Well, there's several choices, and I presume we can choose one.  I see 
pluses and minuses to each of our approaches to CMS.  I'll try to summarize 
them in a separate email.


Anyways, moving on to the issue of allowing <SignatureObject> to be absent 
with XML-DSIG.  You suggest some default semantics (ie processing rules) 
for a missing <SignatureObject>.

I don't like the idea of profiles overriding default semantics with new 
semantics.  Also, the default semantics you suggest are fairly complicated, 
and their benefit is minor - allowing the client to omit a 
<SignatureObject> in a particular case.

However, you make a good point that I was trying to use <SignatureObject> 
sub-elements as flags or directives, which isn't appropriate.

So I would agree with making <SignatureObject> omittable, but I would 
prefer to leave the semantics undefined in the core.  This way, we don't 
complicate core processing, but profiles have the lattitude to implement 
"document-centric" verification, if they want.

Is this a good compromise, on the "optional <SignatureObject>" issue?

Trevor

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]