OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Created: (OFFICE-2670) 4 - digitalsignatures, certificate chain

4 - digital signatures, certificate chain

                 Key: OFFICE-2670
                 URL: http://tools.oasis-open.org/issues/browse/OFFICE-2670
             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
          Issue Type: Improvement
          Components: Security
    Affects Versions: ODF 1.2 Part 3 CD 1
            Reporter: Bart Hanssens

See mailing list on whether or not to include certificate chain


My suggestion would be putting the chain it in ds:KeyInfo, with the signing certificate
first (not required per spec, but expected by many implementations)

XAdES says this about CertificateValues:

"... CertificateValues element contains the full set of certificates that have been used
to validate the electronic signature, including the signer's certificate. However, it is
not necessary to include one of those certificates into this property, if the certificate
is already present in the ds:KeyInfo element of the signature.

If CompleteCertificateRefs and CertificateValues are present, all the certificates
referenced in CompleteCertificateRefs MUST be present either in the ds:KeyInfo
element of the signature or in the CertificateValues property element."

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]