OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ubl-ndrsc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Digital Signatures


In the last UBL NDRSC phone call I promised to send more information about
the use of digital signatures in all UBL documents.  I agree with David
Burdett that an optional field should be added to all UBL documents, but
believe the industry standard X.509 based signatures should be used.  The
reason I suggest this is that this does not require you to preserve binary
content of what was signed.  Anyone who wishes to authenticate the
signature can recreate that binary content when they need to do the
authentication since DER (Distinguished Encoding Rules) is truely
canonical (has exactly one way of encoding any given message).

Note that even Canonical-XML requires you to preserve the namespace
prefixes that were in the XML tags, so you would really need to preserve
the complete XML document (tags with prefixes and all) along with the
signature in order to authenticate it if you directly sign the XML

By making the field optional, no one is required to use the digital
signatures, but can if they wish to.

This optional signature field should placed in the schema immediately
before or after the global element whose contents need authentication.

Paul E. Thorpe                                 Toll Free    : 1-888-OSS-ASN1
OSS Nokalva                                    International: 1-732-302-0750
Email: thorpe@oss.com                          Tech Support : 1-732-302-9669
http://www.oss.com                             Fax          : 1-732-302-0023

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]