OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office] Digital Signature proposal

2008/7/31 Bob Jolliffe <bobjolliffe@gmail.com>:
> I am not sure exactly how one should define conformance in this context.  I
> don't think we are saying anywhere that an application has to *necessarily*
> be able to generate or validate signatures to be compliant.  I believe there
> are many odf applications out there which don't do either of these.   I
> guess this is a difference between formal compliance and semantic
> compliance.

So if it's not supported, is the application compliant?
If it's an optional feature, and an application supports dig sig
then it may be compliant.
Ditto if it supports XAdES it may be compliant.

If it supports digSig but not XAdES is it compliant or not? I'd suggest not.
( I noted a 'may' in the last email). That leaves the app able to work
with digsig but not with XAdES signatures. An interop hell if anyone cares.

The spec must have a clause for which a compliance statement can
be made clearly and without ambiguity. 'may use an extension' doesn't
seem like clear compliance to me.


Dave Pawson

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]