[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [office] What to do about digital signatures
Hi all, #2 sounds like a good choice to me, too, and is my recommendation as well. Michael On 05/07/10 20:51, robert_weir@us.ibm.com wrote: > We've been discussing this on the list for a few days now. I think we're > getting a better feel for the scope of what needs to be done, thanks to > David's recent notes. . But I haven't seen a specific proposal yet. I'm > having some IBM colleagues look at this issue as well, since it is outside > of my expertise. But I will comment quickly on what our options are at > this point: > > 1) Continue discussing and delay ODF 1.2 until we have a resolution. > > 2) Continue discussing, send ODF 1.2 out for public review knowing that > this issue is open, and commit to resolving it when the public review > ends. But know that changes made after the public review would trigger > another 15-day public review of those changes. > > 3) Remove the feature from ODF 1.2. > > 4) Do nothing in ODF 1.2, but address this area in a future revision. > > 5) Convince ourselves that there is not a problem ;-) > > Are there any other options I've missed? > > I think if we have the right people looking at this area, we should be > able to resolve it in ODF 1.2. So to me that sounds like option #1 or #2. > > > Since the digital signature feature is not broadly entangled in the other > features of ODF 1.2, I think it can be reviewed and revised without > invalidating the review performed on other parts of specification. So I'm > inclined to recommend that we pick option #2. > > I reminded of the saying, 'Never code standing up', meaning if you are in > a rush to leave the office, and you already have your hat on, and you are > making one last change to the code while standing up to put on your coat, > then you are asking for trouble. I think we want to also avoid specifying > security-related ODF features standing up. Let's take a couple of months, > during the public review of ODF 1.2, to figure out exactly what needs to > be done here. This will allow us to continue discussions at a deliberate, > but unrushed pace. We could continue discussions on the main TC list. Or > if we wanted to have a separate list and maybe a series of meetings on the > subject (yes, more meetings) we could choose to form a "ODF Security > Subcommittee". > > Any thoughts on the process side of this, before we get back to discussing > the details of XAdES? In particular, any objections to #2? > > -Rob > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > -- Michael Brauer, Technical Architect Software Engineering StarOffice/OpenOffice.org Sun Microsystems GmbH Nagelsweg 55 D-20097 Hamburg, Germany michael.brauer@sun.com http://sun.com/staroffice +49 40 23646 500 http://blogs.sun.com/GullFOSS Sitz der Gesellschaft: Sun Microsystems GmbH, Sonnenallee 1, D-85551 Kirchheim-Heimstetten Amtsgericht Muenchen: HRB 161028 Geschaeftsfuehrer: Jürgen Kunz
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]