OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

opendocument-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [opendocument-users] how to define fields of odt, which would not beaffected by digi-signature?

"Jurgis Pralgauskis" <jurgis.pralgauskis@gmail.com> wrote on 05/29/2008 06:38:48 PM:

> Hello,
> We want to achieve with OOO what MSO proposes now -- ability to
> include graphical info alongside with digital signing.
> MSO has fields (placeholders) for this graphical info (photo or
> signature photo of the signee), which are not included when hashing
> the document
> But when signing digitally, probably all odt elements are hashed together.
> How could I define the fields, that  need to be skipped when signing?
> but be shown in, lets say, oowriter ?
> If the idea is feaseble, we could build extention in ooo,
> to  store those fields in separate .xml inside odt,
> then signature checking would work fine
> if the fields and graphical extra data are not mentioned in signatures.xml
> if I am too optimistic or naive,
> pleas, tell, what is missing most,
> and when could I/we expect it

I'm not sure I understand your use case.  If the photo or signature of the signer is not itself included in the hash, then what prevents someone from replacing the photo or signature without breaking the digital signature?  Is that what you really want to allow?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]