[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Digital Signatures
Hi, In the last UBL NDRSC phone call I promised to send more information about the use of digital signatures in all UBL documents. I agree with David Burdett that an optional field should be added to all UBL documents, but believe the industry standard X.509 based signatures should be used. The reason I suggest this is that this does not require you to preserve binary content of what was signed. Anyone who wishes to authenticate the signature can recreate that binary content when they need to do the authentication since DER (Distinguished Encoding Rules) is truely canonical (has exactly one way of encoding any given message). Note that even Canonical-XML requires you to preserve the namespace prefixes that were in the XML tags, so you would really need to preserve the complete XML document (tags with prefixes and all) along with the signature in order to authenticate it if you directly sign the XML document. By making the field optional, no one is required to use the digital signatures, but can if they wish to. This optional signature field should placed in the schema immediately before or after the global element whose contents need authentication. ---------------------------------------------------------------------------- Paul E. Thorpe Toll Free : 1-888-OSS-ASN1 OSS Nokalva International: 1-732-302-0750 Email: thorpe@oss.com Tech Support : 1-732-302-9669 http://www.oss.com Fax : 1-732-302-0023
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]