Further work on DR 11-0029: Rewriting 13.2.4.1 as an informative summary
MURATA Makoto
eb2m-mrt at asahi-net.or.jp
Wed Jul 13 19:03:40 CEST 2016
Folks,
In Prague, we decided to rewrite 13.2.4.1 as an informative
summary, since it is too detailed.
Here is my first cut.
The package modifications to the XML Digital Signature specification
are summarized below.
1) What is signed?
A (package-specific) Object element having a Manifest element should
be signed. Each Reference element in this Manifest element references
a part in the package.
2) When it was signed?
A SignatureTime element in the package-specific Object element
represents when it was signed. SignatureTime is not provided by
XMLDSig, but is rather our own.
Note: Don't trust SignatureTime when XAdES is used.
3) Transformations
Transformations in the reference to the package-specific Object element
are canonicalizations. Transformations in references within the
Manifest element are either canonicalizations or relationships
transformations. Relationship transformations are our own. They are for
transforming relationships parts.
--
Regards,
Makoto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.vse.cz/pipermail/sc34wg4/attachments/20160714/46804c03/attachment.html>
More information about the sc34wg4
mailing list