Subject: Re: [dss] OASIS DSS - SignatureObject on Input

Right now, the Signing protocol always returns a Signature Object. Presumably the client can insert that Signature Object into a document itself. If the client doesn't want to do that, it can have the server insert the signature into an Input Document, and return that document, with the <SignaturePlacement> / <OutputDocument> options.

You're considering the case where the client wants the Signature Object (a timestamp) inserted into a particular type of document (a different Signature Object). I don't think that needs to be a special case. It can be handled with either of the mechanisms above:

 - the client retrieves a Timestamp from the server, and inserts it into a <ds:Signature> itself.
 - the client instructs the server to insert the signature into an Input Document, with <SignaturePlacement> / <OutputDocument>.

So I don't see a need to add this to the core.

Trevor

At 02:33 PM 9/10/2004 -0400, Edward Shallow wrote:
>Folks,
>
>    Another feedback question I was tasked with on the September 6th
>conference call (That's what happens when you miss a call, they punish you
>when you get back ;).
>
>    One of the questions in the Editorial Section of the EPM Profile relates
>to the need for a minor change to the core. As such the chairs thought it
>best I post this request for feedback to the list so people are aware.
>
>    It relates to the need to include the <SignatureObject> element as a
>valid element in Sign input, which today it is not. The need arises in the
>EPM profile which wants to support the embedding of timestamps into existing
>signatures, a common occurrence. Here is the text from the EPM Profile
>explaining the <SignatureObject> optional input. This stemmed from the
>consensus not to "bend" the Verify protocol when in fact no verify is being
>requested. This will be common when the Validation Authority either does not
>perform timestamping or these 2 services are separated.
>
>The <SignatureObject> optional input is only used when users are requesting
>a timestamp <SignatureType>, and additionally would like that timestamp
>embedded into an existing signature they may have in their possession. When
>creating timestamps, the EPM supports the embedding of the requested
>timestamp into an "existing" signature structure. As such the user must be
>able to pass in the signature to be timestamped on the request. For this
>reason the EPM profile is leveraging the existing <SignatureObject> schema
>type as an optional input to carry the user's signature to be timestamped.
>The EPM will add a signature timestamp as defined in section 3.1.2.2 above.
>Usage of the <SignatureObject> element is required because the signature
>into which the timestamp will be added already exists and is not being
>generated as part of this request.
>
>    Can the <SignatureObject> be included into the core and the necessary
>text and semantics added?
>
>Ed