RE: XAdES TimeStamping implementation

Dear Juan,

Thank you for the useful links.

As you are saying, XAdES includes mechanisms for identifying which part
of the message is time stamped, but it is still hard to understand how
this can be performed in case we are talking about signatures as a part
of the document structure. Current timestamp protocols are not capable of
handling parts of XML structures and from the implementation point of
view that is impossible to realize without some basic information on how
a part of the document is extracted for the time stamping purposes. I
imagine the most obvious way to define XML TimeStamp, but how far are we
from the actual standardization? Some proposals are quite impressive,
but so far I see operability of XAdES concerning timestamps problematic.
If anyone can give more information on how to get closer to designing
stages (if there are formal ones?) it would be more than welcome.

Best regards

Aleksej

> -----Original Message-----
> From: w3c-ietf-xmldsig-request@w3.org 
> [mailto:w3c-ietf-xmldsig-request@w3.org] On Behalf Of Juan 
> Carlos Cruellas Ibarz
> Sent: Monday, January 26, 2004 1:12 PM
> To: A. Jerman Blazic; w3c-ietf-xmldsig@w3.org
> Subject: Re: XAdES TimeStamping implementation
> 
> 
> 
> Dear Jerman,
> 
> You are right when you say that the current ASN.1 TimeStamp 
> standard does not recognize an XML structure. But XAdES 
> specifies mechanisms, not only for including time-stamps 
> (encapsulated within XML structures), but also for 
> IDENTIFYING WHICH parts of the signature and of the signed 
> documents were included within the computation of the hash 
> to be sent to the TSA. This should allow, when dealing with 
> one of the different time-stamps that appear within XAdES, 
> identify what each one is actually time-stamping. It is a 
> matter of the supporting structure, not of the generated 
> time-stamp token itself. As I said in a former message, 
> these mechanisms were largely discussed in the XAdES 
> plugtest event organized by ETSI, and you have the 
> URL where you can find the final report where this issue is 
> commented, and the proposal for review is made available.
> 
> Concerning to the parts of the documents that were 
> time-stamped, the mechanisms rely on the referencing 
> mechanisms defined within the SignedInfo element. Concerning 
> the different parts of the signature, XAdES specifies what 
> parts of the signature should be included in such a 
> computation for each different time-stamp element defined 
> within XAdES.
> 
> Just for your knowledge, currently the Digital Signature 
> Services Technical Committee is working on a design of a XML 
> based protocol for requesting time-stamps issuance to one 
> server. Such document will also contain a time-stamp token 
> specification in XML.  
> 
> See details at:
> 
> www.oasis-open.org
> 
> Regards
> 
> Juan Carlos.

At 12:32 26/01/2004 +0100, A. Jerman Blazic wrote:
>
>Dear All
>
>I don't know whether this was discussed before, but it does impose some
>obstacles in our implementation attempts. We are evaluating the use of 
>XAdES as a tool for record archiving system, since XAdES already 
>includes some fields for time stamping inclusion. However, the problem 
>with time stamping is that it does not fit into XML structure (so 
>far). So XAdES should perfectly perform when using "detach" signature 
>type (e.g. file separated from a signature, which can be timestamped 
>without problem). But what happens when one uses other signature types?
>How is a time stamping procedure performed when signature is part of a
>(signed) file? Current TimeStamp standard does not recognize an XML 
>structure and therefore if time stamped, the part of the message must 
>be taken out, time stamped and put back and then timestamp itself 
>included in an XAdES structure. It could be performed, but under what 
>circumstances? Transformations seem to be the first and the main 
>problem not to mention that the whole procedure without clear process 
>definition seems pretty awkward, so any suggestions are welcome.
>
>Best regards
>
>Aleksej
>
>-------------------
>SETCCE
>Jamova 39
>1000 Ljubljana
>tel: +386 1 4773739
>fax: +386 1 4773861
>www.setcce.org
>-------------------
>

Received on Friday, 30 January 2004 03:48:45 UTC
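
An added example, not part of the original thread or of any XAdES implementation: for the XAdES SignatureTimeStamp, the data hashed for the TSA is the canonicalized ds:SignatureValue element, so an enveloped signature can be time-stamped in place and the returned token stored under unsigned properties without changing that hash. Assumptions: the sample document, its Ids and the placeholder values are constructed; Python's built-in C14N 2.0 stands in for whichever canonicalization algorithm a real signature names; the XAdES namespace is the v1.3.2 one, which is later than this thread; the property structure is simplified.

```python
import hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XADES = "http://uri.etsi.org/01903/v1.3.2#"
ET.register_namespace("ds", DS)
ET.register_namespace("xades", XADES)

# Constructed sample: an enveloped signature inside the record it signs.
# The signature value is a placeholder, not real cryptographic output.
SIGNED_DOC = f"""<Record id="r1">
  <Body>archived content</Body>
  <ds:Signature xmlns:ds="{DS}" Id="sig1">
    <ds:SignedInfo><!-- references omitted in this sample --></ds:SignedInfo>
    <ds:SignatureValue Id="sv1">UExBQ0VIT0xERVI=</ds:SignatureValue>
    <ds:Object/>
  </ds:Signature>
</Record>"""


def signature_timestamp_imprint(doc_xml: str) -> bytes:
    """Digest to send to the TSA: hash of the canonical ds:SignatureValue."""
    root = ET.fromstring(doc_xml)
    sig_value = root.find(f".//{{{DS}}}SignatureValue")
    sig_value.tail = None  # whitespace after the element is not part of it
    subtree = ET.tostring(sig_value, encoding="unicode")
    # Assumption: stdlib C14N 2.0 used as a stand-in canonicalization.
    canonical = ET.canonicalize(subtree)
    return hashlib.sha256(canonical.encode("utf-8")).digest()


def embed_token(doc_xml: str, token_b64: str) -> str:
    """Store the TSA's token under unsigned properties inside ds:Object."""
    root = ET.fromstring(doc_xml)
    node = root.find(f".//{{{DS}}}Object")
    for name in ("QualifyingProperties", "UnsignedProperties",
                 "UnsignedSignatureProperties", "SignatureTimeStamp",
                 "EncapsulatedTimeStamp"):
        node = ET.SubElement(node, f"{{{XADES}}}{name}")
    node.text = token_b64  # base64 of the token returned by the TSA
    return ET.tostring(root, encoding="unicode")
```

A verifier recomputes the same imprint from the stored document and compares it with the one inside the token, which is why no part of the message has to be taken out and put back.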