OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ubl-security message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ubl-security] UBL Profile for XML Digital Signatures and XAdES implementation V.01]

Hello,

as we are providing the instructions to apply a digital signature to UBL,
I am not sure we have to constrain UBL 2.x to a specific XAdES version.

Can we mention XAdES 1.3.1 and later ?

I think it is more important to inform implementers where the XAdES
version must be specified into UBL.

Regards,

Roberto

> Hi Julián,
>
> Thanks for your draft, here follows some issues to fix:
>
> ·         Add http://uri.etsi.org/01903/v1.4.1#
> <http://uri.etsi.org/01903/v1.4.1>  to “Declared XML Namespace(s)” (note
> that XAdES 1.4.1 declares this new namespace but keeps the old one (1.3.1)
> for compatibility with pevious versions
>
> ·         Change [[XAdES]Profiles] to [XAdESProfiles] in “Normative
> References”
>
> ·         Change [XAdES] to xades in “1.3 Namespaces”
>
> ·         Add the prefix xades141 for the namespace
> http://uri.etsi.org/01903/v1.4.1# <http://uri.etsi.org/01903/v1.4.2>  in
> “1.3 Namespaces” and declare both in clause 4.2 text box
>
> ·         The last sentence in 2.2 should be something like: “By choosing
> the enveloped signature approach and an appropriate place for the
> signature,
> UBL format management…”. I think this way is more clear.
>
> I there are no objections, I’d like to be mentioned as Editor instead of
> Contributor in fact I contributed massively both on the structure and the
> content of this profile.
>
>
>
> I am in favor to cover also detached and possibly other form of signature.
> I
> mention PAdES (PDF signature) that is now an ETSI standard and there is a
> good chance that PAdES  become part of ISO32000 and 19005 (PDF/A).
>
> I think we should proceed this way:
>
> -          Have a first agreement on present document, possibly updating
> the
> table of content as Oriol suggested to take into account that this
> profile,
> as XAdES, covers also the detached signature form. We can also consider to
> support detached CAdES as it is almost the same thing.
>
> -          Distribute the document to relevant stakeholders to get
> feedback
>
> -          Complete the profile, considering also the feedback received.
>
> -          If we agree, propose to develop a new PAdES profile to UBL TC.
> This can benefit from XAdES profile because it can be used inside a PAdES
> compliant document.
>
>
>
> I’ll distribute shortly here current CEFACT TBG6 proposal (named DER,
> Digital Evidence Recommendation) to have from you some feedback, because
> I’d
> like to try to introduce there also our approach.
>
>
>
> Regards,
>
> Andrea
>
>
>
>
>
>
> --------
> This message is sent to one or more specific recipient. If you are not the
> intended recipient, please notify the sender and delete this message.
>
> --------
> Questo messaggio č inviato a specifici destinatari. Se non siete i
> destinatari, siete pregati di informare il mittente e cancellare questo
> Messaggio.
>
>
>
> From: JAVEST by Roberto Cisternino [mailto:roberto@javest.com]
> Sent: Friday, October 02, 2009 9:45 AM
> To: Julián Inza
> Cc: ubl-security@lists.oasis-open.org
> Subject: Re: [ubl-security] UBL Profile for XML Digital Signatures and
> XAdES
> implementation V.01]
>
>
>
> Hello,
> I reply about the use of IDs and URI to reference the signature.
>
> Julián Inza ha scritto:
>
> Dear friends,
>
> I had the enclosed document ready from some time now but I could not find
> time to send it.
>
> Now that I see the issue involves further discussions, I enclosed the
> merged
> document, so you can use it as a placeholder to include your
> suggestions...
>
> In yellow colour are some points which I think should be further
> discussed.
>
> Originally, reference to element <ds:Signature> in <cac:Signature> was
> done
> through  cac:DigitalSignatureAttachment/cac:ExternalReference/cbc:URI
> using
> Id (unique identifier) of <ds:Signature>.
>
> the problem here is the URI is not an ID.   Technically there was no value
> here, but it was like a convention.
>
>
>
> Now there are 2 references:
>
>
>
> This makes more sense as we talk about IDs, but again it is more a
> convention.
>
>
>
>


-- 
* JAVEST by Roberto Cisternino
*
* Document Engineering Services Ltd. - Alliance Member
* UBL Italian Localization SubCommittee (ITLSC), co-Chair
* UBL Online Community editorial board member (ubl.xml.org)
* Italian UBL Advisor

  Roberto Cisternino

  mobile: +39 328 2148123
  skype:  roberto.cisternino.ubl-itlsc

[UBL Technical Committee]
    http://www.oasis-open.org/committees/ubl

[UBL Online Community]
    http://ubl.xml.org

[UBL International Conferences]
    http://www.ublconference.org

[UBL Italian Localization Subcommittee]
    http://www.oasis-open.org/committees/ubl-itlsc

[Iniziativa divulgativa UBL Italia]
    http://www.ubl-italia.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]