OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Commented: (OFFICE-2670) 4 - digitalsignatures, certificate chain

    [ http://tools.oasis-open.org/issues/browse/OFFICE-2670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=22122#action_22122 ] 

Andreas Guelzow  commented on OFFICE-2670:

Do we still want to do this for ODF 1.2?

> 4 - digital signatures, certificate chain
> -----------------------------------------
>                 Key: OFFICE-2670
>                 URL: http://tools.oasis-open.org/issues/browse/OFFICE-2670
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: ODF 1.2 Part 3 CD 1
>            Reporter: Bart Hanssens
>             Fix For: ODF 1.2 CD 06
> See mailing list on whether or not to include certificate chain
> http://lists.oasis-open.org/archives/office/201005/msg00081.html
> My suggestion would be putting the chain it in ds:KeyInfo, with the signing certificate
> first (not required per spec, but expected by many implementations)
> XAdES says this about CertificateValues:
> "... CertificateValues element contains the full set of certificates that have been used
> to validate the electronic signature, including the signer's certificate. However, it is
> not necessary to include one of those certificates into this property, if the certificate
> is already present in the ds:KeyInfo element of the signature.
> If CompleteCertificateRefs and CertificateValues are present, all the certificates
> referenced in CompleteCertificateRefs MUST be present either in the ds:KeyInfo
> element of the signature or in the CertificateValues property element."

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]