DR 11-0029: Q1
eb2m-mrt at asahi-net.or.jp
Sun May 1 03:41:33 CEST 2016
I am going to post some e-mails for addressing this DR.
Q1: Which element of XML DSig 1.0 is allowed in OPC?
First, the elements of XML DSig 1.0 can be classified into
Group A: Mentioned normatively in "12.4 Digital Signature
OPC has some subclauses dedicated to XML DSig 1.0 elements.
For example, "12.4.8 Transforms Element" and "12.4.19
DigestMethod Element" are dedicated to the Transforms element
and the DigestMethod element of DSig 1.0, respectively.
Group B: Mentioned in other subclauses such as "12.6 Digital
Some DSig 1.0 elements (e.g., the DigestValue element) are
not defined by subclauses of "12.4 Digital Signature Markup",
but are mentioned in other subclauses such as "12.6 Digital
Group C: Not mentioned anywhere
Some DSig 1.0 elements are not mentioned anywhere in OPC.
Obviously, elements in Group A are allowed in OPC, and should
continue to be allowed. But I do not think that we need a
subclause for each of them.
I believe that elements in Group B should also be allowed.
But I do not think that we have to introduce a subclause for
each of them.
It is not clear what we should do about elements in Group C.
For example, the KeyValue element of DSig 1.0 is not mentioned
in OPC. DSig 1.0 allows this element as a child of the
KeyInfo element, and ISO/IEC 29500-2 simply relies on DSig
1.0. See "12.4.12 KeyInfo Element" (shown below) in the
The structure of a KeyInfo element is defined in
§4.4 of XML-Signature Syntax and Processing.
The certificate embedded in the Digital Signature
XML Signature part shall be used when it is
Does this prose imply that the KeyValue element is allowed in
But the original Ecma 376 looks more restrictive than DSig
1.0. The diagram in 184.108.40.206 appears to allow X509Data as
children of the KeyInfo element, and allow nothing else.
There is no prose about this possible restriction, though.
Since DSig is intended to address many use cases, it is not
unreasonable for OPC to impose restrictions on the use
of DSig. But we have to know the restrictions first.
Here is my classification of the elements defined in XML DSig 1.0.
Praying for the victims of the Japan Kyuushuu earthquake
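
Added example (not part of the original e-mail, and not code from ISO/IEC 29500-2 or Ecma 376): a small Python check that lists the direct children of ds:KeyInfo in a signature and marks which ones pass under the two readings discussed above, DSig 1.0 §4.4 versus the restrictive reading in which only X509Data is allowed. The function name, the verdict strings and the sample signature are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"

# Children of ds:KeyInfo defined in section 4.4 of XML-Signature Syntax and Processing.
DSIG_KEYINFO_CHILDREN = {"KeyName", "KeyValue", "RetrievalMethod",
                         "X509Data", "PGPData", "SPKIData", "MgmtData"}
# Restrictive reading from the e-mail: the diagram appears to allow X509Data only.
RESTRICTIVE_CHILDREN = {"X509Data"}

def split_qname(tag):
    """Split ElementTree's '{namespace}local' tag form into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag

def classify_keyinfo(signature_xml):
    """Return (local name, verdict) for each direct child of every ds:KeyInfo."""
    root = ET.fromstring(signature_xml)  # use a hardened parser for untrusted packages
    report = []
    for keyinfo in root.iter("{%s}KeyInfo" % DS):
        for child in keyinfo:  # direct children only, not e.g. RSAKeyValue
            ns, local = split_qname(child.tag)
            if ns != DS:
                verdict = "foreign namespace"
            elif local not in DSIG_KEYINFO_CHILDREN:
                verdict = "not a DSig 1.0 KeyInfo child"
            elif local in RESTRICTIVE_CHILDREN:
                verdict = "allowed under both readings"
            else:
                verdict = "allowed by DSig 1.0 only"
            report.append((local, verdict))
    return report

# Constructed sample: values are placeholders, not a real key or certificate.
SAMPLE = """<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
  <KeyInfo>
    <KeyValue><RSAKeyValue>
      <Modulus>PLACEHOLDER</Modulus><Exponent>AQAB</Exponent>
    </RSAKeyValue></KeyValue>
    <X509Data><X509Certificate>PLACEHOLDER</X509Certificate></X509Data>
  </KeyInfo>
</Signature>"""

if __name__ == "__main__":
    for name, verdict in classify_keyinfo(SAMPLE):
        print(name, "->", verdict)
```
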