<div dir="ltr"><div dir="ltr">Alfred,<div><br></div><div><div>First, I strongly think that digital signatures of OPC have</div><div>to be significantly extended. XAdES EN, XML DSig 1.1, and</div><div>SHA 256 are strongly required. But WG4 has agreed not to</div><div>do so in this revision. One reason is that the revision of</div><div>ISO 14533-2:2012 (XAdES Profile) has not been completed</div><div>yet. After the current revision of OPC is completed, I</div><div>hope to start an amendment project for digital signatures.</div><div><br></div><div>Second, it is not only OPC that uses DEFLATE and </div><div>nothing else. EPUB does the same thing. I believe </div><div>that other compression methods as documented in </div><div>PKWARE Appnote require license fee to PKWARE.<br></div></div><div><br></div><div>Regards,</div><div>Makoto</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">2019年1月25日(金) 6:08 Alfred Hellstern <<a href="mailto:Alfred.Hellstern@microsoft.com">Alfred.Hellstern@microsoft.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="DE">
<div class="gmail-m_-1584374984861282868WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hello all,<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">The Visual Studio team is looking into the OPC review, but in the meantime they were wondering about the ZIP compression format:<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">“What is of more concern to me is no movement forward to support newer, better compression algorithms (i.e. based still on ZIP, which itself is limited to fairly light compression), and signature
requirements to use only SHA1 which is no longer considered secure. Is the WG considering addressing these specifications while modernizing the OPC protocols? I appreciate that changing the container format is a daunting and perhaps irreconcilable task, but
adding support for SHA256 or even dual-signing should be supported given that the signed XML specification that OPC uses has supported multiple signature algorithms for a very long time.”<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">What’s our take on moving forward from the current ZIP version we’re using? I suspect this also has to do with the version of ZIP that Windows itself uses in its Compressed Folders feature (and see this blog post
<a href="https://blogs.msdn.microsoft.com/oldnewthing/20180515-00/?p=98755" target="_blank">https://blogs.msdn.microsoft.com/oldnewthing/20180515-00/?p=98755</a> indicating that’s not going to -ever- change.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US">Alfred<u></u><u></u></span></p>
</div>
<br><br>
<font style="background-color:rgb(255,255,255)">
<p align="center"><font style="background-color:rgb(255,255,255)">Click <a href="https://www.mailcontrol.com/sr/MZbqvYs5QwJvpeaetUwhCQ==" target="_blank">here</a> to report this email as spam.</font></p></font>
<br><br>
<p align="center"><font style="background-color:rgb(255,255,255)">This message has been scanned for malware by Forcepoint. </font><a href="http://www.forcepoint.com/" target="_blank"><font style="background-color:rgb(255,255,255)" color="#000000">www.forcepoint.com</font></a></p>
</div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><br>Praying for the victims of the Japan Tohoku earthquake<br><br>Makoto</div>