[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ubl-dev] Digital Signatures
Hi, Yes, in this case a implementation notes for UBL would be OK; and yes, ofcourse, these do not need to be normative themselve. Thanks, Zahid -----Original Message----- From: David RR Webber [mailto:david@drrw.info] Sent: Monday, December 20, 2004 11:37 AM To: Ahmed, Zahid; ubl-dev@lists.oasis-open.org Subject: Re: [ubl-dev] Digital Signatures Ahmed, Following your thought thread here - perhaps the best way of handling this is as a series of implementations notes for UBL - rather than a specifiic UBL way of doing this - when it seems following your own argument - the transports themselves have preferential ways - and evolving ways of doing this. I do know that the simple ebMS method over SOAP works just fine though - as I know of one application doing exactly that today. Other extended solutions will depend on the use case of the implementers and their transport needs. Seems like signature needs to be at that level - and not part of the UBL schema itself.... Thanks, DW ----- Original Message ----- From: "Ahmed, Zahid" <zahmed@ebay.com> To: <ubl-dev@lists.oasis-open.org> Sent: Monday, December 20, 2004 1:56 PM Subject: RE: [ubl-dev] Digital Signatures I agree that it would be useful to specify standard model to include digital signature support within UBL-based document instances. FYI: This has been discussed and proposed previously (by David Burdett) within UBL NDRSC group more than a year ago; please see: http://lists.oasis-open.org/archives/ubl-ndrsc/200305/msg00016.html Having an optional XML DSig element at root of each UBL document with appropriate guidelines to generate and validate the signature may be useful. I agree that digital signature model based on ebXML message envelop and message handling framework although useful to ebXML use cases will be inadequate for other application protocols. I would recommend that we consider: 1) specification of generic model for digital signature into UBL document instances along the lines of what has been proposed previously; and, 2) consider possibilities of developing profiles for WS Security based digital signatures for non-ebXML, SOAP-based UBL document exchanges. Both of these, ofcourse can be done independent of UBL standards track, but seems an important gap currently. #2, for example, may be applicable to Microsoft InfoPath and/or other simpler web services applications. Thanks, Zahid -----Original Message----- From: Patrick Yee [mailto:kcyee@cecid.hku.hk] Sent: Sunday, December 19, 2004 8:30 PM To: David RR Webber Cc: Giovanni Roldan; ubl-dev@lists.oasis-open.org Subject: Re: [ubl-dev] Digital Signatures Tim and David, Thanks. But I think Giovanni has a point here. Actually (not only theorectically) UBL can be used on many transport protocols. Some supports doing digital signature on the protocol level (like ebMS, WSS, etc.), but some doesn't. Let's imagine a case where we want to create a UBL instance and then send it to a partner using HTTP Post method, or upload it to my partner's FTP server. We may still digitally sign the UBL instance. These cases, together with the InfoPath application mentioned by Giovanni suggest: can we have a normative position for placing the digital signature? Regards,- Patirck David RR Webber wrote: >Giovanni, > >Since Infopath is a forms product - it is hard to certify the user >online with their own digital signature. I presume you are using >SSL in any case for session security. > >You really will need a separate step that does the digital >signature. > >E.g. > >1) User completes Infopath form - and clicks "Confirm" >2) Form creates UBL XML and sends to server - > server now responses to user - > "Dispatch Transaction" and digitally sign form. >3) User confirms this - server then packages > ebXML transaction and sends it with signature > to downstream government system. >4) You can use the free Hermes ebMS for this - > see http://www.freebXML.org > >5) You a user registers their account with your system, > then you will need to assign a certificate for them and > keep track of those. Again - I can suggest you use > the Registry available from 4) and the certificate store > that it provides - as a service. You may also want > to look at the Integration project here: > http://www.ebxmlbook.com/interop and the > Java source code there for more ideas. > >Enjoy, DW > >----- Original Message ----- >From: "Giovanni Roldan" <groldan@gennassis.com> >To: <ubl-dev@lists.oasis-open.org> >Sent: Friday, December 17, 2004 4:58 PM >Subject: [ubl-dev] Digital Signatures > > > > >>1.- Is there available schemas in the UBL definition to digitally sing UBL >>documents? (I can't see the tags and namespaces for digital signature in >>schemas) >> >>2.- Is there any way to include or to import digital signature definitions >>in UBL shemas? >> >> >>These questions raise because I'm trying to use Microsoft Infopath 2003, >> >> >and > > >>I need to use the digital signature feature that comes with this product >> >> >but > > >>I can't, the product documentation indicate: "You cannot enable digital >>signatures for a form that was designed based on an XML Schema that does >>not have a digital signature namespace" >> >> >>I'm working for a government project (in Ecuador- South America) so it's >>very important to support digital signatures using the UBL standard and >>obviously the security feature of MS InfoPath. >> >> >>Saludos, >> >>Giovanni Roldan C. >>GENNASSIS >>www.gennassis.com >> >>Quito >>Ecuador. >> >>-----Mensaje original----- >>De: Stephen Green [mailto:stephen_green@bristol-city.gov.uk] >>Enviado el: viernes, 17 de diciembre de 2004 7:53 >>Para: ubl-dev@lists.oasis-open.org >>Asunto: Re: [ubl-dev] Tools for database support for UBL? >> >>Many thanks to all who replied to my question about >>tools and techniques for supporting database integration >>with UBL and UBL-based Schemas and instances. >> >>It will take a while to ponder all the shared information :-) >> >>Tim's response makes me wonder whether some of the >>extra information from the conceptual model which might >>be necessary to properly create table relationships could >>be provided in a form more accessible to a code/SQL >>generator. >> >>If anyone has any further information on how to infer >>(perhaps automatably) the relationships from the xsd >>or spreadsheets which are machine-readable then I'd >>love to hear it. >> >>Also if anyone has any solutions for a .NET developer >>to use I'd love to hear of them. >> >>Again, thanks to everyone. >> >>All the best >> >>Stephen Green >> >> >> >> >> >> > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]