- From: Juan Carlos Cruellas <cruellas@ac.upc.edu>
- Date: Mon, 20 Oct 2008 11:07:58 +0200
- To: XMLSec <public-xmlsec-maintwg@w3.org>
Dear all, On the signature policy issue, I would like to note that ETSI ESI has specified an xml language for defining signature policies (Technical Report status, early status), which specifies the rules that both signer and verifiers must follow. This allows things like restrictions on the algorithms, certification sub-trees, certification policies, etc. The document is TR 102038: "XML format for signature policies" In addition to that, XAdES signatures defines an element (SignaturePolicyIdentifier), which basically contains an URI identifying the signature policy used for signing, and also the digest of the electronic version of the signature policy (a xml document, that adheres to the aforementioneed TR for instance). This element is then secured by the signature. As a general information: the ETSI documents are free. For downloading any document there is a search engine at: http://pda.etsi.org/pda/queryform.asp For downloading the aforementioned document, you type in the form: TR 102038 Then you may download the document by free after registering sending your email address I hope this helps Regards Juan Carlos.
Received on Monday, 20 October 2008 09:08:40 UTC