<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">

<meta name="Generator" content="Microsoft Word 15 (filtered medium)">

<style><!--

/* Font Definitions */

@font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

@font-face

        {font-family:Consolas;

        panose-1:2 11 6 9 2 2 4 3 2 4;}

/* Style Definitions */

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0in;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman","serif";}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {mso-style-priority:99;

        color:purple;

        text-decoration:underline;}

span.hoenzb

        {mso-style-name:hoenzb;}

span.EmailStyle18

        {mso-style-type:personal-reply;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-family:"Calibri","sans-serif";}

@page WordSection1

        {size:8.5in 11.0in;

        margin:1.0in 1.0in 1.0in 1.0in;}

div.WordSection1

        {page:WordSection1;}

--></style><!--[if gte mso 9]><xml>

<o:shapedefaults v:ext="edit" spidmax="1026" />

</xml><![endif]--><!--[if gte mso 9]><xml>

<o:shapelayout v:ext="edit">

<o:idmap v:ext="edit" data="1" />

</o:shapelayout></xml><![endif]-->

</head>

<body lang="EN-US" link="blue" vlink="purple">

<div class="WordSection1">

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Murata-san,<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">After a careful review of digital signature parts created by Microsoft Office 2007, 2010, and 2013 I think the issue you raise below is a misunderstanding rather

 than a conflict. I acknowledge that such a misunderstanding is very likely to occur based on the current text of Digital Signatures section 13 of ISO/IEC 29500-2, and we will want to improve that text as part of our revision efforts.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I think the confusion comes from a lack of clarity about

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> elements in the

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Signature</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element. Section 13.2.4.1 uses confusing language regarding package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element(s). Paragraph 2 requires that a “producer shall create one and only one package specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element in the

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Signature</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element.” Then paragraph 3 states that the “producer shall create package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">

<b><i>elements</i></b> … (emphasis added)”. Note the use of the plural “elements”. I had to read through this a few times before realizing that the use of the plural in paragraph 3 does not give permission to include more than one package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element in any given

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Signature</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">, but is only there to provide an anchor for the limitations that follow, that the package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element in a

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Signature</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> must contain exactly one

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Manifest</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element, and exactly one

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">SignatureProperties</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In order to fully understand the content in the signatures written by Microsoft Office a reader needs to look beyond the description of package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> elements in Section 13.2.4.1 to Section 13.2.4.2 which states that the “producer shall create

 a </span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Signature</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element that contains exactly one local-data, package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element

<i>and zero or more application-defined </i></span><i><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span></i><i><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> elements</span></i><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">.”

 The </span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element written by MS Office with the ID of “</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">idOfficeObject</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">”

 is an application-defined </span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element, so the restrictions and requirements related to package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> elements in 13.2.4.1 do not apply to that

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element. If you look at the package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element (with the ID of “</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">idPackageObject</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">”)

 you will find a </span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">SignatureProperties</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element that meets the requirements in 13.2.4.1 paragraph 3.d.

 As you noted in your first message, Section 2.5.2.5 of MS-OFFCRYPTO accurately describes the contents of the Microsoft Office application-defined

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">    <</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">SignatureProperties</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">      <</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">SignatureProperty</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">

</span><span style="font-size:9.5pt;font-family:Consolas;color:red;background:white;mso-highlight:white">Id</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">=</span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">"</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">idSignatureTime</span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">"</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">

</span><span style="font-size:9.5pt;font-family:Consolas;color:red;background:white;mso-highlight:white">Target</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">=</span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">"</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">#idPackageSignature</span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">"</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">        <</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:SignatureTime</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">          <</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:Format</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">YYYY-MM-DDThh:mm:ssTZD</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white"></</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:Format</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">          <</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:Value</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white">2014-02-26T19:11:27Z</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white"></</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:Value</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">        </</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">mdssi:SignatureTime</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">      </</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">SignatureProperty</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">    </</span><span style="font-size:9.5pt;font-family:Consolas;color:#A31515;background:white;mso-highlight:white">SignatureProperties</span><span style="font-size:9.5pt;font-family:Consolas;color:blue;background:white;mso-highlight:white">></span><span style="font-size:9.5pt;font-family:Consolas;color:black;background:white;mso-highlight:white"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I’ll work on a proposal to make it more clear earlier in Section 13 that a digital signature part can have multiple

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> elements, but exactly one of those must be the package-specific

</span><span style="font-size:11.0pt;font-family:Consolas;color:#1F497D">Object</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> element.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Jim<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>

<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> eb2mmrt@gmail.com [mailto:eb2mmrt@gmail.com]

<b>On Behalf Of </b>MURATA Makoto<br>

<b>Sent:</b> Monday, February 24, 2014 10:00 PM<br>

<b>To:</b> SC34<br>

<b>Subject:</b> Re: OPC: contents of SignatureProperty<o:p></o:p></span></p>

<p class="MsoNormal"><o:p> </o:p></p>

<div>

<div>

<p class="MsoNormal">I still believe that there is a conflict here, but I <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">would like to make a comment about the <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">schema.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">The SigantureProperty element in question appears within <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">an Object element.  The complex type for Object has <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><any namespace="##any" processContents="lax"/>.  <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">Does this wild card allow the SignatureProperty element<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">to have any attributes and contents?  No, processContents="lax"<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">implies that "·validate· if you can, don't worry if you can't" <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">(W3C XML Schema Part 1)<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">Regards,<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">Makoto<o:p></o:p></p>

</div>

</div>

<div>

<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>

<div>

<p class="MsoNormal">2014-02-25 11:56 GMT+09:00 MURATA Makoto <<a href="mailto:eb2m-mrt@asahi-net.or.jp" target="_blank">eb2m-mrt@asahi-net.or.jp</a>>:<o:p></o:p></p>

<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">

<div>

<div>

<p class="MsoNormal">I am studying digital signature in Office for the standardization <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">of XAdES.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">I find that both Word 2007 and [MS-OFFCRYPTO] ignores a requirement <o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">in 29500-2:2012.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">13.2.4.1 "Modifications to the XML Digital Signature<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">Specification" in 29500-2:2012 specifies that "A<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">SignatureProperty element shall contain exactly one<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">SignatureTime child element".<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">However, Word 2007 creates a different child element.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">      <SignatureProperty Id="idOfficeV1Details" Target="#idPackageSignature"><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">        <SignatureInfoV1 xmlns="<a href="http://schemas.microsoft.com/office/2006/digsig" target="_blank">http://schemas.microsoft.com/office/2006/digsig</a>"><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">          ...<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">        </SignatureInfoV1><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">      </SignatureProperty><o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">This appears to follow "2.5.2.5 idOfficeObject Object Element"<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">in [MS-OFFCRYPTO]<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">"A SignatureProperties element containing a SignatureProperty<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">element, which MUST contain a SignatureInfoV1 element that<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">specifies the details of a digital signature in a<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">document. The following XML Schema specifies the contents of<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal">the SignatureProperty element: "<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<div>

<p class="MsoNormal">I think that there is a clear conflict here.<o:p></o:p></p>

</div>

<div>

<p class="MsoNormal"><span style="color:#888888"><o:p> </o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="color:#888888">-- <o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="color:#888888">Regards,<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="color:#888888"><o:p> </o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="color:#888888">Makoto<o:p></o:p></span></p>

</div>

</div>

</blockquote>

</div>

<p class="MsoNormal"><br>

<br clear="all">

<o:p></o:p></p>

<div>

<p class="MsoNormal"><o:p> </o:p></p>

</div>

<p class="MsoNormal">-- <br>

<br>

Praying for the victims of the Japan Tohoku earthquake<br>

<br>

Makoto <o:p></o:p></p>

</div>

</div>

</body>

</html>