

Subject: [PATCH] gpg4libre: ODF schema proposal


Change-Id: Id20cd3525ec27c62f49a535112219aeefc9b7987
---
 .../odf1.3/OpenDocument-manifest-schema-v1.3.rng   | 66 +++++++++++++++++-----
 1 file changed, 51 insertions(+), 15 deletions(-)

diff --git a/schema/odf1.3/OpenDocument-manifest-schema-v1.3.rng b/schema/odf1.3/OpenDocument-manifest-schema-v1.3.rng
index f485ffbd019c..a84a49e71128 100644
--- a/schema/odf1.3/OpenDocument-manifest-schema-v1.3.rng
+++ b/schema/odf1.3/OpenDocument-manifest-schema-v1.3.rng
@@ -81,6 +81,34 @@
   <rng:define name="base64Binary">
     <rng:data type="base64Binary"/>
   </rng:define>
+  <rng:define name="encrypted-key">
+    <rng:element name="manifest:encrypted-key">
+      <rng:optional>
+        <rng:element name="manifest:encryption-method">
+          <rng:attribute name="manifest:PGPAlgorithm">
+            <rng:ref name="anyURI"/>
+          </rng:attribute>
+        </rng:element>
+      </rng:optional>
+      <rng:element name="manifest:keyinfo">
+        <rng:element name="manifest:PGPData">
+          <rng:element name="manifest:PGPKeyID">
+            <rng:ref name="base64Binary"/>
+          </rng:element>
+          <rng:optional>
+            <rng:element name="manifest:PGPKeyPacket">
+              <rng:ref name="base64Binary"/>
+            </rng:element>
+          </rng:optional>
+        </rng:element>
+      </rng:element>
+      <rng:element name="manifest:CipherData">
+        <rng:element name="manifest:CipherValue">
+          <rng:ref name="base64Binary"/>
+        </rng:element>
+      </rng:element>
+    </rng:element>
+  </rng:define>
   <rng:define name="encryption-data">
     <rng:element name="manifest:encryption-data">
       <rng:ref name="encryption-data-attlist"/>
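Review bot: `manifest:encryption-method` sits inside `<rng:optional>` and its `manifest:PGPAlgorithm` attribute is an unconstrained `anyURI`, so an `encrypted-key` validates without saying how `manifest:CipherValue` was produced and a consumer has to guess or hard-code the algorithm. Either make the element required or state the default in the specification text, and consider enumerating the accepted algorithm URIs instead of accepting any URI. `manifest:PGPKeyID` is likewise a length-unconstrained `base64Binary`; if it is meant to hold a 64-bit key ID rather than a full fingerprint, IDs of that size can be collided, so the definition should say which form is expected and that the value is only a lookup hint, not an identity check. The new define carries no comment; a line such as `<!-- one wrapped session key per OpenPGP recipient -->` would help, if that is the intent.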
@@ -149,29 +177,37 @@
     </rng:element>
   </rng:define>
   <rng:define name="key-derivation-attlist">
-    <rng:interleave>
+    <rng:choice>
       <rng:attribute name="manifest:key-derivation-name">
-        <rng:choice>
-          <rng:value>PBKDF2</rng:value>
-          <rng:ref name="anyURI"/>
-        </rng:choice>
+        <rng:value>PGP</rng:value>
       </rng:attribute>
-      <rng:attribute name="manifest:salt">
-        <rng:ref name="base64Binary"/>
-      </rng:attribute>
-      <rng:attribute name="manifest:iteration-count">
-        <rng:ref name="nonNegativeInteger"/>
-      </rng:attribute>
-      <rng:optional>
-        <rng:attribute name="manifest:key-size">
+      <rng:interleave>
+        <rng:attribute name="manifest:key-derivation-name">
+          <rng:choice>
+            <rng:value>PBKDF2</rng:value>
+            <rng:ref name="anyURI"/>
+          </rng:choice>
+        </rng:attribute>
+        <rng:attribute name="manifest:salt">
+          <rng:ref name="base64Binary"/>
+        </rng:attribute>
+        <rng:attribute name="manifest:iteration-count">
           <rng:ref name="nonNegativeInteger"/>
         </rng:attribute>
-      </rng:optional>
-    </rng:interleave>
+        <rng:optional>
+          <rng:attribute name="manifest:key-size">
+            <rng:ref name="nonNegativeInteger"/>
+          </rng:attribute>
+        </rng:optional>
+      </rng:interleave>
+    </rng:choice>
   </rng:define>
   <rng:define name="manifest">
     <rng:element name="manifest:manifest">
       <rng:ref name="manifest-attlist"/>
+      <rng:zeroOrMore>
+        <rng:ref name="encrypted-key"/>
+      </rng:zeroOrMore>
       <rng:oneOrMore>
         <rng:ref name="file-entry"/>
       </rng:oneOrMore>
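Review bot: The two branches of the new `<rng:choice>` in `key-derivation-attlist` are not mutually exclusive. The second branch still accepts any `anyURI` for `manifest:key-derivation-name`, and (assuming the `anyURI` define is the XSD datatype) the string `PGP` is a lexically valid URI reference, so `key-derivation-name="PGP"` combined with `manifest:salt` and `manifest:iteration-count` also validates. If PGP entries must not carry PBKDF2 parameters, that needs a normative sentence or a narrower URI branch. Separately, `encrypted-key` is added to `manifest:manifest` as `zeroOrMore`, so an entry can declare `key-derivation-name="PGP"` while the manifest holds no `manifest:encrypted-key` at all. The grammar cannot tie the two together, so a prose or Schematron-style rule is needed, and consumers should reject that combination rather than fall back to another key source. The `manifest` define continues past the end of the hunk.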
-- 
2.13.6
{noformat}

> Add OpenPGP-based XML encryption
> --------------------------------
>
>                 Key: OFFICE-3940
>                 URL: https://issues.oasis-open.org/browse/OFFICE-3940
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: New Feature
>          Components: Packaging
>    Affects Versions: ODF 1.3
>            Reporter: Thorsten Behrens
>            Priority: Major
>             Fix For: ODF 1.3
>
>
> Currently ODF supports password-based encryption, using a user-provided string of characters to encrypt an AES session encryption key.
> That is not ideal when sharing documents securely with a wider audience, since one always needs a separate secure channel to distribute the passphrase.
> This proposal builds on top of https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ for XML encryption, and essentially extends the ODF manifest markup with a few nodes to denote OpenPGP key material plus transport encryption for the session key.




