Subject: RE: [office] [OASIS Issue Tracker] Commented: (OFFICE-3028) Updatedigital signatures for better XaDeS support
Patrick said: >This may be a very naive question but why shouldn't a signal include non-visible metadata? This depends on your expectations of the signature - see my other reply where I laid out the 4 different purposes for a signature. If you're expecting a full integrity check, and get something less, then it has failed. If you're expecting an integrity check over content, then it has not. The salient point for me is that some file stores do contain metadata, search info, etc. If you enforce a full integrity check, then those features are unavailable. >The reason I ask is that I anticipate with the new metadata capabilities that users will be annotating content in ways that don't affect display but do have an impact on searching (identification of terms), work flow (approval of a document), etc. Precisely why there are portions of an OOXML document which are never signed. I view it as a goal to have the user not have to worry about the underlying format. >I don't know about the signature breaking on changing metadata that impacts search but I would think that it would if someone altered the approval of a document in a work flow. That's an important piece of functionality. >Perhaps I am not clear on what you mean by "...affects the content or display of the content...." >Can you say a bit more about that? That's a tricky point. There are clearly portions of the file that have no impact on the content or the display of the content. Then you get into some fine nuances, such as the display of a shape where it depends on the implementation (though hopefully, this is slight).