[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: SV: [ubl-tsc] [Fwd: [ubl-psc] Proposal for a signature refenrence]
Hi
Kama
Do I
understand you correctly when that ebXML supports a solution where the
xml-document and the signature are in the same envelope, but in different
payloads?
What I
suggest is that the xml-document becomes able to refer to the signature, not
only as a URL but also as a Mime reference.
The
problem with embeddign the siganture in the xml-document is
1) it
becomes invalid if it is transformed to an other document.
2) A
digital signature on a xml document is not valid in legal terms. Only a
transformation of a xml-document can be brought into a court
room.
3) A
digital signature with the purpose of ensuring that no one has tampered with the
document has nothing to do in a procurement document. This is a matter for the
transportation layer.
What
is needed at the business level is infomation about whether someone actual has
aproved the document. On the other hand, to reference the signature gives you
problem with consistency and persistency. This can be solved by adding two more
fields in document reference: GaranteeStoragePeriode and Hashcode (perhaps
hashmethod as well).
I
would like to here more about your requirements.
Kind
regards
Peter
L. Borresen
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]