[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: AW: [dss-x] Groups - Signature Policy Profile of the OASIS Digital Signature Services (oasis-dssx-1.0-profiles-sigpolicy-wd.doc) uploaded
Hallo Juan Carlos, it seems to me that for "typical use cases" it might be sufficient to have a single policy for multiple signatures related to a document and hence the simple option below might be sufficient. Do you have a specific use case in mind, where multiple signatures need to be verified with different policies? On the other side it would be easy to allow the combination of both options: <element name="VerifyUnderSignaturePolicy" type="VerifyUnderSignaturePolicyType"/> <complexType name="VerifyUnderSignaturePolicyType"> <sequence> <element name="DefaultPolicy" type="SignaturePolicyDetailsType" minOccurs="0"/> <sequence maxOccurs="unbounded" minOccurs="0"> <element name="SignatureIdentifier" type="vr:SignatureIdentifierType" /> <element name="IndividualPolicy" type="SignaturePolicyDetailsType" /> </sequence> </sequence> </complexType> In this case it would be possible to specify a default-policy, which will be applied, iff no other policy-indication (within the signature, or in the element above) "overrules" this default. BR, Detlef > -----Ursprüngliche Nachricht----- > Von: cruellas@ac.upc.edu [mailto:cruellas@ac.upc.edu] > Gesendet: Freitag, 25. April 2008 17:45 > An: dss-x@lists.oasis-open.org > Betreff: [dss-x] Groups - Signature Policy Profile of the > OASIS Digital Signature Services > (oasis-dssx-1.0-profiles-sigpolicy-wd.doc) uploaded > > Dear all, > > I have uploaded an initial and uncomplete version of the > signature policy profile for DSS protocol. > > It is uncomplete because the part profiling the verification > protocol is missing. This is due to the fact that I am still > thinking how to manage the situations when the > <dss:VerifyRequest> contains more than one signature. > > > If there is only one signature, the thing is easy, the client > sends an identifier of the policy that the server must > use....but if there are several... > > Some very initial thoughts: > > 1. The simplest option: pass to the server one policy > identifier and if there is more than one signature, then the > server use this policy (or makes whatever it wants and then > let the client know?) > > 2. Pass a list of pairs (Signature policy signature to be verified). > Con: requires identify all the signatures and build > references to each signature. > Pro: specifies what signature policy must be used for > each signature. > > 3. In addition to all this, if there are several signatures > this is strongly related with the multisignature verification > profile...although I do not see problems in this. > > Regards > > Juan Carlos. > > > -- Juan Cruellas > > The document named Signature Policy Profile of the OASIS > Digital Signature Services > (oasis-dssx-1.0-profiles-sigpolicy-wd.doc) has been submitted > by Juan Cruellas to the OASIS Digital Signature Services > eXtended (DSS-X) TC document repository. > > Document Description: > Profile for instructing servers to use a certain signature > policy when generating or verifying an electronic signature > > View Document Details: > http://www.oasis-open.org/apps/org/workgroup/dss-x/document.ph p?document_id=28097 > > Download Document: > http://www.oasis-open.org/apps/org/workgroup/dss-x/download.ph p/28097/oasis-dssx-1.0-profiles-sigpolicy-wd.doc > > > PLEASE NOTE: If the above links do not work for you, your > email application may be breaking the link into two pieces. > You may be able to copy and paste the entire link address > into the address field of your web browser. > > -OASIS Open Administration >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]