
Subject: RE: [dss] OASIS DSS - SignatureObject on Input


Simply put, because what is being passed in is not a Document, it is a
Signature. Again, you are failing to consider CMS which should clarify it
for you. 

-----Original Message-----
From: Trevor Perrin [mailto:trevp@trevp.net] 
Sent: September 14, 2004 10:58 AM
To: dss@lists.oasis-open.org
Subject: RE: [dss] OASIS DSS - SignatureObject on Input




At 10:15 AM 9/14/2004 -0400, Edward Shallow wrote:
>Intermixed.
>
>-----Original Message-----
>From: Trevor Perrin [mailto:trevp@trevp.net]
>Sent: September 14, 2004 12:00 AM
>To: ed.shallow@rogers.com
>Subject: Re: [dss] OASIS DSS - SignatureObject on Input
>
>
>Right now, the Signing protocol always returns a Signature Object.
>Presumably the client can insert that Signature Object into a document 
>itself.  If the client doesn't want to do that, it can have the server 
>insert the signature into an Input Document, and return that document, 
>with the <SignaturePlacement> / <OutputDocument> options.
>
>[Ed] Not the use case I am referring to.

The above wasn't a description of a use case, it was a description of the 2
current ways a returned signature can be inserted in a document (either the
client can do it, or the client can ask the server to do it with the
<SignaturePlacement> optional input).  AFAICT, you're requesting a 3rd way.
I don't understand why the above ways are inadequate to your scenario.


>You're considering the case where the client wants the Signature Object
>(a timestamp) inserted into a particular type of document (a different
>Signature Object).
>
>[Ed] No, not that one either. I clearly stated the use case involved 
>the client's need to timestamp an "existing" signature whether it be an 
>ASN1 or XMLDSIG one.

I understood that.  I thought it's what I described.

>  The scenario could be an internal corporate PKI wishing to have an 
>independent timestamp applied to an existing internally created signature.
>Clearly the client needs to pass the signature in.

Yes.  It could pass the signature in as an Input Document.  The server will
produce a Signature Object (a timestamp) which now must be inserted in the
original signature (the Input Document) in some way.  There are 2 ways to do
that, above.

I'd still like to understand why those ways don't work in your case, before
we consider adding something new.


Trevor 

