OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office-comment] Change Tracking issue

Ha Jaqui,

First thank you for your answere. I think it is very good that you 
pointed out to the Commity that we should think about privacy and 
security issues in the specification. I still think it can be covered by 
a single tag. Let's take your contract negotation as an example.  The 
text of the contract is crypted between tag's with a given ID. This ID 
points in the end to a key. The involved parties have this key available 
and can do with the document what they like. If they have finished the 
contract they can choose to lift the tag so it is readable for 
everybody. Or choose to hold it confidential and keep the tag in place 
while the group can still read the contract because the have the key. 
The advantage of the tag is that it is also preserved when the document 
is saved under an another name. ( See mail of Mr. Patrick Durusau - Sun, 
23 Dec 2007 10:30:23 -0500) .
The place of the tag is less interresting this can be in the content.xml 
file or in a seperate metadata file. In all cases it is inportant that 
the tag shall be preserved by the ODF consumer when a key is not 

Timo Hartong

> Openoffice Development wrote:
> The tag gives the indication to the ODF consumer that the following
> information is encrypted and the ID gives the possibility to grant
> access to user level. The ID could point in the end to an XML file which
> contains data which is necessary to decrypt the data.
> If you say the "proposal" needs some workout I fully aggree with you but
> such a tag would have great benefits you can restrict access in all
> levels of document and so also protect the privacy of users of a document.
> What about shared documents, as in the contract negotiation mentioned
> above, where the change tracking is needed, and full access by all
> involved parties? Would this not require a group level tag?
> Jaqui
> This publicly archived list offers a means to provide input to the
> OASIS Open Document Format for Office Applications (OpenDocument) TC.
> In order to verify user consent to the Feedback License terms and
> to minimize spam in the list archive, subscription is required
> before posting.
> Subscribe: office-comment-subscribe@lists.oasis-open.org
> Unsubscribe: office-comment-unsubscribe@lists.oasis-open.org
> List help: office-comment-help@lists.oasis-open.org
> List archive: http://lists.oasis-open.org/archives/office-comment/
> Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
> List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
> Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=office
> __________ Information from ESET NOD32 Antivirus, version of virus signature database 2747 (20071225) __________
> The message was checked by ESET NOD32 Antivirus.
> http://www.eset.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]