[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (OFFICE-3869) PAS Comment JP5: Clarify relationship between digital signature and encryption
[ https://issues.oasis-open.org/browse/OFFICE-3869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=53378#comment-53378 ]
Michael Stahl commented on OFFICE-3869:
---------------------------------------
Rob's proposal would introduce a new mandatory requirement for ODF producers that does not exist in ODF 1.2.
Dennis pointed to the existing text in ODF 1.2 Part 3 section 5.2 that makes it explicit that *both* encrypt-then-sign and sign-then-encrypt are valid.
ODF consumers can determine which of these is in effect for a particular signature file by checking whether the <manifest:file-entry> of the signature file has <manifest:encryption-data> that specifies it is encrypted, or not.
(actually in case the signature file is not encrypted the <manifest:file-entry> for it need not even exist, since the signature file is in the META-INF directory)
> PAS Comment JP5: Clarify relationship between digital signature and encryption
> -------------------------------------------------------------------------------
>
> Key: OFFICE-3869
> URL: https://issues.oasis-open.org/browse/OFFICE-3869
> Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
> Issue Type: Task
> Components: Part 3 (Packages)
> Affects Versions: ODF 1.2
> Reporter: Chris Rae
> Assignee: Robert Weir
>
> Comment logged by national body during the ODF 1.2 PAS process, to be address at Ballot Resolution Meeting.
> Nature of defect :Technical
> Original text of NB comment: Relations between the digital signature and encryption are not clear. Specify the relations.
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]