[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Created: (OFFICE-2670) 4 - digitalsignatures, certificate chain
4 - digital signatures, certificate chain
-----------------------------------------
Key: OFFICE-2670
URL: http://tools.oasis-open.org/issues/browse/OFFICE-2670
Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
Issue Type: Improvement
Components: Security
Affects Versions: ODF 1.2 Part 3 CD 1
Reporter: Bart Hanssens
See mailing list on whether or not to include certificate chain
http://lists.oasis-open.org/archives/office/201005/msg00081.html
My suggestion would be putting the chain it in ds:KeyInfo, with the signing certificate
first (not required per spec, but expected by many implementations)
XAdES says this about CertificateValues:
"... CertificateValues element contains the full set of certificates that have been used
to validate the electronic signature, including the signer's certificate. However, it is
not necessary to include one of those certificates into this property, if the certificate
is already present in the ds:KeyInfo element of the signature.
If CompleteCertificateRefs and CertificateValues are present, all the certificates
referenced in CompleteCertificateRefs MUST be present either in the ds:KeyInfo
element of the signature or in the CertificateValues property element."
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]