[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Commented: (OFFICE-2315) NEEDS-DISCUSSION:Security Exposures - Public Comment: ODF 1.2 part 1 cd03 - 3.16 digitalsig, certificate chain (CLONE)
[ http://tools.oasis-open.org/issues/browse/OFFICE-2315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18837#action_18837 ] Michael Brauer commented on OFFICE-2315: ---------------------------------------- Dennis: You've added the NEEDS-DISCUSSION because of your encryption concerns, which are unrelated to the public comment. I would like to remove it, but please don't hesitate to submit a new issue regarding your concerns. Are the any other disagreements on the issue, or can we set it to resolved with a "no action"? (While it is off topic for this issue I'd like to add one comment regarding document signatures: The ODF package specification allows arbitrary types of signatures to be stored. The Part 1 specification defines two kind of signatures (document signatures and macro signatures) that have a particular purpose. The purpose of a document signature is to sign a full document, which may be encrypted already. A document signature may not be a good choice if one wants to sign a document, and encrypt it afterwards. But that is not an issue for a document signature. One in this case could store another kind of signature, which excludes META-INF/manifest.xml. The part 3 specification does allow that. Such a signature only may not be called a document signature. > NEEDS-DISCUSSION: Security Exposures - Public Comment: ODF 1.2 part 1 cd03 - 3.16 digital sig, certificate chain (CLONE) > ------------------------------------------------------------------------------------------------------------------------ > > Key: OFFICE-2315 > URL: http://tools.oasis-open.org/issues/browse/OFFICE-2315 > Project: OASIS Open Document Format for Office Applications (OpenDocument) TC > Issue Type: Bug > Components: Security > Affects Versions: ODF 1.2 Part 1 CD 4 > Environment: This issue applies to OpenDocument-v1.2-part1-cd04 and Public Review of that document. > Reporter: Robert Weir > Priority: Blocker > > Copied from office-comment list > Original author: Hanssens Bart <Bart.Hanssens@fedict.be> > Original date: 24 Dec 2009 13:37:19 -0000 > Original URL: http://lists.oasis-open.org/archives/office-comment/200912/msg00023.html -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]