W3C home > Mailing lists > Public > public-xmlsec@w3.org > September 2008

ACTION-41: Solicit and contribute requirements and assumptions from workflow scenarios

From: Chris Solc <csolc@adobe.com>
Date: Mon, 1 Sep 2008 20:09:24 -0700
To: "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-ID: <686848D3189C0845A6E5FA781D6A0FFF02DD17ED5E@nambx03.corp.adobe.com>
Here is a initial list of assumptions and requirements for document workflow signatures, please review and comment.

1. Data being routed through the workflow is expected to change

2. Data can be re-serialized using different technologies at different points in a workflow.

3. A signature in a workflow may have different purposes
                - authentication
                - authorization
                - accountability
                - witness
                - time stamping

4. The protocol used to route data through the workflow may not me secure

5. The life time of workflow data is not deterministic.

6. The location of the signature may have significance

7. There are typically designated locations to insert signatures into the workflow data.

8. The validity of the signature can affect the decision making process of the workflow.

1. Support for multiple signatures
                - this is to allow parallel and sequential signature workflows

2. Support for counter signatures
                - is to support dependent sequential multiple signature workflows

4. Depending on the purpose of the signature there will be a set of changes that:
                - don't invalidate the signature
                - cause warnings to be issued
                - cause the signature to break

5. Ability to store meta data within the signatures
                - this may include the purpose of the signatures, addition information about the signer
                - This information is required to make the appropriated workflow decisions based on the state of the signature

Chris Solc
Computer Scientist
Adobe Systems Canada Inc.
Phone: +1 613.940.3693
E-mail: csolc@adobe.com<mailto:csolc@adobe.com>
Received on Tuesday, 2 September 2008 03:13:46 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:09 UTC