[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss-x] Comments on visible signature profile
Hi Juan Carlos, see my comments itermixed: > Below follow some comments related to the visible signature profile. > They are on Committee Specification v01 of 8 May 2010 > > Line 57: "is related to the binary digital signature". I would > propose to get rid of "binary" and leave "digital signature" only > (this may be a CMS or a XML or even a PDF signature).... > I would guess the attribute 'binary' refers to the fact that we're dealing with both, a 'binary' and a 'visible' aspect of a signature. > Line 63: This is the first place where the term "visible Signatures" > appears, without any definition. Befor that line other terms have > been used "visible information" (of the signature), "displayed > information"...I am not sure about the usage of this term...in fact, > the Part 6 of PAdES, which I would say could be strongly related to > our profile has as title: "Visual Representations of Electronic > Signatures". In its scope it defines: > > . Signature appearance: visual representation of the human act of > signing placed within a PDF document at signing time and linked to an > advanced electronic signature > > . Signature verification representation: visual representation of the > verification of an advanced electronic signature. > > Link to part 6 of PAdES: > http://etsi.org/deliver/etsi_ts/102700_102799/10277806/01.01.01_60/ts_10277806v010101p.pdf > > > I would propose to consider the possibility of changing of hte term > "visible signatures" for a term more accurate to what we mean, i.e., a > visual representation of the signature... Yes, like PAdES we are dealing with with both, a special type of digital signature on a PDF. On the other hand we work with a visible representation of a signature. Right from the start I was a bit unhappy with this mixture of concerns. Probably we should separate and clearify things here ... > > . Line 92: apparently another term "visible content" > > . Lines 96 to 98: In the first line I read: "..the document already > contain visible signature placeholders (named "signature fields")...", > so this to me means that signature fields are fields for the visual > representation of a signature....Then lines 97 to 98 read: "As part of > the digital signature operation, the client will need to specify which > signature field should be signed"...this to me means that some of the > fields where the visual information will appear will actually be > signed, and others no...but the key issue is that the term "signature > field" is not a field where the digital signature goes, but the field > where a visual representation of a digital signature appears....am I > correct? and if so, wouldn't a change in the naming be worth? I don't think so. Afaik the signature elements within the PDF structure have names, even if it is just a empty placeholder. There may be a visual representation of a signature, may there is none. > > . Line 266 to 276. FieldName...I copy the wording of the two first lines: > "This optional input will define the identitiy of a signature field to > be signed. This parameter will be sent when it is required to > incorporate a visible signature into the given field." > > So the text seems to indicate that this field first identify the field > to be signed (?) and second the field where the visual representation > of the signature will be included... so, this seems to indicate that > the visual representation has to be included in the field, and that > this field must be signed....am I right? > Again, narrowed down to PDF that's true. A signature filed is identified by its name. And it _may_ have a visual representation ... What's true for PDF maybe completely different for office document signatures and the austrian 2D signature. Again, I was unhappy with the outline of this profile. I see the need for a group of related profiles. But anyway, we have to get along with this profile, somehow! > > Line 579. FieldName for optional input for verification. The spec > reads that it "willd efine the identitiy of a signature field to be > verified"...what exactly validating only one field means?...and what > is its relationship with the validation of a signgature? > A PDF document may contain many signatures. Each of them can be identified by the FieldName. If you supply a FieldName for verification you care just for the addressed signature, not the possible other ones. Greetings, Andreas -- Andreas Kühne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868 Directors Andreas Kühne, Heiko Veit Company UK Company No: 5218868 Registered in England and Wales
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]