office message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: ODF 1.2 PAS Submission comment JP5 - OFFICE-3869: proposal for discussion
- From: Oliver-Rainer Wittmann <ORWITT@de.ibm.com>
- To: "OASIS OpenDocument TC List" <office@lists.oasis-open.org>
- Date: Tue, 30 Dec 2014 16:54:53 +0100
Hi,
I am not an expert in the area of ODF
encryption and digital signatures, but I would like to propose to combine
would Dennis, Rob and Michael had been discussed.
My proposal for our response to JP5
is:
<proposal>
We agree that the current wording might
cause an uncertainty regarding the relationship between encryption and
digital signatures.
We suggest to replace the last two paragraphs
of section 5.2 in Part 3 by:
"If a digital signature file is
not encrypted, any encrypted files covered by the digital signature are
signed in their encrypted form as identified in META-INF/manifest.xml."
and
"If a digital signature file is
encrypted using the encryption means specified for ODF 1.2 Packages, then
the digital signature applies to the decrypted forms of all encrypted files
in the package exactly as if they had not been encrypted. (Note that
in this case, the manifest, which is never encrypted, is different when
there are encrypted files than when there are not. In particular,
the manifest must include the parameters that must be known to decrypt
the encrypted digital signature files.)"
We also suggest to introduce a new section
3.9 "Interactions Between Encryption and Digital Signatures"
with the following content:
"An OpenDocument Package Producer
that both encrypts and applies digital signatures to a document is advised
to either first encrypt (per section 3.4) and then apply the digital signatures
(per section 5) or to first apply the digital signatures and then encrypt.
If the encryption is done first, the
digital signature file is not encrypted. If the document is encrypted after
applying the digital signatures, the digital signature file is encrypted
- see also section 5.2.
The perference is to first encrypt and
then apply the digital signatures."
</proposal>
Please give feedback to this proposal.
Mit freundlichen Grüßen / Best regards
Oliver-Rainer Wittmann
--
Advisory Software Engineer
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland
Beim Strohhause 17
20097 Hamburg
Phone: +49-40-6389-1415
E-Mail: orwitt@de.ibm.com
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH / Vorsitzende
des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart,
HRB 243294
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]