OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Commented: (OFFICE-2561) ODF 1.2 Part 1 CD04:protection-key string encoding underspecified

    [ http://tools.oasis-open.org/issues/browse/OFFICE-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18537#action_18537 ] 

Dennis Hamilton commented on OFFICE-2561:

Malte, thanks for brining this up.

I did a quick check on XML Schema Datatypes and the definition in section 3.2.16 of http://www.w3.org/TR/xmlschema-2/#base64Binary is better for our purposes.

The XML Schema Datatype base64Binary is based on rfc2045 but has white-space rules consistent for use in XML element and attribute values.

I recommend thta the datatype be changed from string to base64Binary in the schema and that base64Binary be taken from W3C Schema Datatypes in the usual way in Section 18.2.

This would seem to do the job.

I recommend the following proposal:

 - - - - - - -
In the ODF 1.2 schema definitions for attributes table:protection-key and text:protection-key, change the <ref name="string"> to <ref name="base64Binary">.

In the Appendix on changes from previous versions, indicate that table:protection-key and text:protection-key values are now required to be encoded in accordance with XML Schema datatype base64Binary.

It is not necessary to provide additional text in 19.699 table:protection-key and 19.852 text:protection-key.  If it is felt necessary to add anything, an appropriate added paragraph would be

The value of the attribute is the Base 64 encoding of the binary calculated hash value in accordance with section 3.2.16 of [xmlschema-2]. 

 - - - - - - - -

PS: A similar clarification can be made in ODF 1.2 Part 3.  I will check whether that is not already handled and address any applicable JIRA issue.

> ODF 1.2 Part 1 CD04: protection-key string encoding underspecified
> ------------------------------------------------------------------
>                 Key: OFFICE-2561
>                 URL: http://tools.oasis-open.org/issues/browse/OFFICE-2561
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: ODF 1.2 Part 1 CD 4 
>         Environment: This issue applies to all forms of ODF 1.2 Part 1 CD04 and to earlier working drafts and CDs as well.  The issue also applies to ODF 1.1 and ODF 1.0.
>            Reporter: Dennis Hamilton
>            Priority: Minor
>             Fix For: ODF 1.2
> The data type for table:protection-key (19.699) and text:protection-key (19.852) is given as string.
> Although those digest algorithms identified in section 5.9 of [xmlenc-core] specify that those results are to be converted to Base64 encodings, the specific Base64 encoding is not identified.
> Because it is permissible to introduce additional, arbitrary digest algorithms, it is also not clear what encoding is to be used for their results, especially for algorithms that only specify their results as sequences of bits.
> Inspection of examples in [xmlenc-core] reveals that MIME Base 64 encoding is being used.  This proposal establishes that encoding as the encoding that is used for all protection-key attribute values.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]