Should we define a "critical" flag for ds:Object

Hi all,

just one idea that I had during having a look at the ETSI documents about 
qualifying signatures[1]. Would it make sense to add a critical attribute 
to the ds:Object that indicates that it includes some properties that have 
to be understood by the verification application? I think about a mechanism 
like the X.509v3 extensions which have a critical flag, which means that 
_if_ it's set the application must understand the extension... In [1], the 
ETSI defines a way to include additional information about a signature 
inside it...


PS: This would include a tweak to the signature verification processing 
model and a schema change. The schema change could be easy if we default 
this to critical='false'. But the processing model would have to say 
something like: "If a ds:Reference references an ds:Object of the signature 
with critial='true' and the application does not know how to handle the 
statements inside ds:Object, the verification MUST fail...."

[1] Standard ETSI TS 101 203 - XML Advanced Electronic Signatures (XAdES)

Received on Thursday, 27 September 2001 14:44:53 UTC