Re: [office] Digital Signature proposal

[Jomar Silva <jomar.silva@br.odfalliance.org>]

I just would like to remember that an application that support XAdES will also support XMLDsig (XAdES is an extension of it).

I also believe that an application that support only XMLDsig, will be (or may be) able to validate just the XMLDsig portion of the XAdES signature.

There are diagrams here (http://www.w3.org/TR/XAdES/) that demonstrate the differences between XMLDsig and XAdES.

Best,

Jomar

Dave Pawson escreveu:

711a73df0807310957v16b85cacs1b3dd7ce92543249@mail.gmail.com" type="cite">

2008/7/31 Ming Fei Jia <jiamingf@cn.ibm.com>:
  

Thanks explanation although that can not convince me completely. You said
"...if the application developer choose to only support XMLDsig, it will
still being compliant with ODF 1.2...". Is that true? XMLDsig and XAdES are
as different options in the proposal. If the application only implements
XMLDsig, could the application claim to be compliant with ODF standard? I
think at most it can claim partial compliant. This is the conformance issue.

Another is the interoperability issue. Assume one application only
implements XMLDsig, another application only implements XAdES. How does the
first application validate the signed document with XAdES format generated
by the second application? Seems no way,even both the two applications claim
to be compliant with the same ODF standard.
    

A conformance issue for ODF?
Seems the TC has to choose one or the other if interoperability is
to work for signed documents.


regards