[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [office] Digital signature proposal
On Friday 16 February 2007 12:08, Michael Brauer wrote: > A document signature *shall* be considered to be valid only if > it valid itself, and if it is applied to all files of the package. This requirement will prevent applications from implementing sectional signing. Sectional signing allows signing of only certain elements in a document and is supported by xml-dsig. For example in an approval process a document may be written by one person and signed, then another person needs to approve it after possibly adding some comments to a "comments" section of the document. Another example is a collaboration of multiple people on the same document, each responsible for his own section. Two requirements may arise in this scenario: section A may need to be edited after section B is already completed and signed, and person A may not want to appear to have signed the text of section B for legal or other reasons. To add to my previous suggestion for visible signatures: I propose to add a new signature control. This control can have some default appearance (something like "x________"). It can have attributes such as the intended signer name/role. It can be associated with an existing document element (section, table, etc.) for sectional signing. It must have a unique ID attribute. When a user activates this control, the application will produce document content to represent a new appearance for the signed control (For example the application may prompt the user or may already have a pre-configure signature image file for the user and the new appearance will be built from that image + signer name + date / time). The document content for the new appearance will not be stored in the document itself so as not to break already existing signatures, but instead will be written to a new file within the META-INF folder. The content of the file will be an element that includes the originating control's ID and the new appearance markup. Next, the application will sign the whole document (or the element specified in the control) and create the appropriate <Signature> element in the documentsignatures.xml file. The file with the new signature appearance must always be included in the signature calculation as well. The application is expected to display signed controls using the content from their respective appearance files rather than the default appearance. When a signed control is activated, the application can validate the signature, display information about the signed area, about the signer and certificate, etc. To prevent users from thinking a document is properly signed when in fact the signature validation fails (as Thomas suggested), applications should display a validation mark on top of the appearance in any signed signature control. This validation mark will indicate if the signature has been validated yet or not and if the validation failed or succeeded. I'm new to ODF (but have a lot of experience in digital signatures and signed documents of various formats) so I apologize in advance if I'm not using the correct terminology. - Uri Uri Resnitzky Chief Scientist ARX http://www.arx.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]