- From: David Wall <dwall@Yozons.com>
- Date: Fri, 26 Jul 2002 19:11:02 -0700
- To: <reagle@w3.org>, <w3c-ietf-xmldsig@w3.org>
> David, could you give a pseudo example? I don't even understand why you are
> placing these encoded material in a SignatureProperties.

Here's an example (with the attachment, logo, signature and public keys truncated for space) of what I have today. I think I have an understanding now of how to do this better, using Signature elements that reference the common data elements, but I'm not sure. Of course, I'd prefer to keep my data format and then wrap the signature elements we have with XML Signature elements.

    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    <!DOCTYPE message>
    <message xmlns="http://www.authorchats.com" version="1" ownerUserId="8592082075648" id="10737424333">
      <fromEmail userId="8592082075648"><![CDATA[d.wall@authorchats.com]]></fromEmail>
      <fromDisplayName><![CDATA[David A. E. Wall]]></fromDisplayName>
      <toText><![CDATA[leo.falcon@msn.com]]></toText>
      <ccText><![CDATA[]]></ccText>
      <bccText><![CDATA[]]></bccText>
      <ownerEmail role="FROM"><![CDATA[d.wall@authorchats.com]]></ownerEmail>
      <sentTimestamp seconds="1018055914">04/05/02 5:18 PM PST</sentTimestamp>
      <readTimestamp seconds="1018280190">04/08/02 8:36 AM PDT</readTimestamp>
      <subject><![CDATA[Sales rep agreement - Leo Falcon]]></subject>
      <size>175061</size>
      <body>TGVlLA0KDQp...snip...0NDIuMjcyOQ==</body>
      <attachments count="1">
        <attachment version="1" ownerUserId="8592082075648" messageId="10737424333" id="10737419338">
          <fileSize>155648</fileSize>
          <originalName><![CDATA[Sales Rep Agreement Leo Falcon.doc]]></originalName>
          <contentType><![CDATA[application/msword]]></contentType>
          <createdTimestamp seconds="1018055722">04/05/02 5:15 PM PST</createdTimestamp>
          <readTimestamp seconds="0"></readTimestamp>
          <rawData>0M8R4KGxGuEAAAAA...snip...AAAH0AAAB+AAAAfwAAAIAAAAA=</rawData>
          <signatures count="2">
            <signature version="3" ownerId="8592082075648" linkedToId="10737419338" signerUserId="8592082075961">
              <company><![CDATA[]]></company>
              <ipAddr>4.64.120.118</ipAddr>
              <hostname>evrtwa2-ar15-4-64-120-118.evrtwa2.vz.dsl.gtei.net</hostname>
              <signedWithName><![CDATA[Leo Falcon]]></signedWithName>
              <userSignedDate seconds="1018249200">04/08/2002</userSignedDate>
              <realSignedTimestamp seconds="1018279613">04/08/02 8:26 AM PDT</realSignedTimestamp>
              <emailFullDisplayName confirmed="true" paidConfirmed="false"><![CDATA[ <leo.falcon@msn.com>]]></emailFullDisplayName>
              <signatureBlockOptions count="0">
                <preText><![CDATA[By typing my name clicking the Add my signature button, I agree to be bound to the terms described in the attached sales representative agreement.]]></preText>
                <postText><![CDATA[]]></postText>
              </signatureBlockOptions>
              <digitalSignature>Hp1Wa6W3BAS+OT5...snip...fTgdWD5yhWlaRBA==</digitalSignature>
              <signerPublicKey id="8592082075803">MIIBHjALBgkqhki..snip...oq+QECARE=</signerPublicKey>
            </signature>
            <signature version="3" ownerId="8592082075648" linkedToId="10737419338" signerUserId="8592082075648">
              <company><![CDATA[AuthorChats]]></company>
              <ipAddr>217.102.41.30</ipAddr>
              <hostname>r41.30-dsl.evt.lightrealm.net</hostname>
              <signedWithName><![CDATA[David A. E. Wall]]></signedWithName>
              <userSignedDate seconds="1017993600">04/05/2002</userSignedDate>
              <realSignedTimestamp seconds="1018055915">04/05/02 5:18 PM PST</realSignedTimestamp>
              <emailFullDisplayName confirmed="true" paidConfirmed="true"><![CDATA[David A. E. Wall <d.wall@authochats.com>]]></emailFullDisplayName>
              <signatureBlockOptions count="0">
                <preText><![CDATA[]]></preText>
                <postText><![CDATA[]]></postText>
              </signatureBlockOptions>
              <digitalSignature>Ah1R1lJ/P/GayP1kb+Ffldb6KzVGJJj...snip...oJZTMaRlw==</digitalSignature>
              <signerPublicKey id="8592082075648">MIIBHjALBgkq...snip...XgJd4m4kCARE=</signerPublicKey>
            </signature>
          </signatures>
        </attachment>
      </attachments>
      <activeLetterhead version="2">
        <logoFile><![CDATA[logo.jpg]]></logoFile>
        <logoWidth>0</logoWidth>
        <logoHeight>0</logoHeight>
        <url><![CDATA[]]></url>
        <headerTagline><![CDATA[Chat & Learn with AuthorChats]]></headerTagline>
        <footerTagline><![CDATA[An ExperTrade Production]]></footerTagline>
        <contentType><![CDATA[image/pjpeg]]></contentType>
        <messageLabel><![CDATA[Message]]></messageLabel>
        <attachmentLabel><![CDATA[Attachments]]></attachmentLabel>
        <logoData size="17124">/9j/4AAQSkZJRgABAQ...snip...l+L8X4vzOs6X4vxfi/M6zr//Z</logoData>
      </activeLetterhead>
    </message>

Note that the body, rawData, digitalSignature, signerPublicKey and logoData elements are base64 encoded binary. Most of the elements that contain "user-supplied" input are wrapped in CDATA to avoid problems with whitespace and special characters (avoiding doing transforms as we output this database data into XML).

The first signature element, for example, since it's inside the attachment element, is the first electronic signature for that attachment. It's composed of the elements: attachment.messageId, attachment.id, fileSize, createdTimestamp, signedWithName, realSignedTimestamp, originalName, contentType, rawData, preText, and postText and ipAddr.

The second signature element signs the same attachment, but only the signedWithName, realSignedTimestamp and ipAddress would generally have different values (not to mention they'd use different public keys!) from those used by the first signer's signature.

While there are none here, there could be multiple attachment elements, and the message element itself could have one or more signatures that would effectively sign the body element instead of an attachment.rawData element.

Does that make it any more clear?

Thanks,
David
Received on Friday, 26 July 2002 22:11:04 UTC
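
Added example, not part of the original message and not the service's own code: a sketch that collects the fields each signature is described as covering, in the listed order, and reports which ones differ between two signers of the same attachment. Assumptions: the sample document and its values are constructed, timestamps are taken from element text, and the 4-byte length prefix in signed_bytes is one unambiguous serialization chosen here, since the message does not say how the fields are combined before signing.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.authorchats.com}"
# Listed order; "att" = read from <attachment>, "sig" = from <signature>, "@" = attribute.
FIELDS = [("att", "@messageId"), ("att", "@id"), ("att", "fileSize"),
          ("att", "createdTimestamp"), ("sig", "signedWithName"),
          ("sig", "realSignedTimestamp"), ("att", "originalName"),
          ("att", "contentType"), ("att", "rawData"),
          ("sig", "preText"), ("sig", "postText"), ("sig", "ipAddr")]

# Constructed sample in the message's format (placeholder names, IPs and payload).
SAMPLE = """<message xmlns="http://www.authorchats.com" id="1"><attachments count="1">
<attachment messageId="1" id="2"><fileSize>11</fileSize>
<originalName>agreement.doc</originalName><contentType>application/msword</contentType>
<createdTimestamp seconds="1018055722">04/05/02 5:15 PM PST</createdTimestamp>
<rawData>Y29uc3RydWN0ZWQ=</rawData><signatures count="2">
<signature signerUserId="10"><ipAddr>192.0.2.10</ipAddr>
<signedWithName><![CDATA[Signer One]]></signedWithName>
<realSignedTimestamp seconds="1018279613">04/08/02 8:26 AM PDT</realSignedTimestamp>
<signatureBlockOptions count="0"><preText/><postText/></signatureBlockOptions></signature>
<signature signerUserId="20"><ipAddr>192.0.2.20</ipAddr>
<signedWithName><![CDATA[Signer Two]]></signedWithName>
<realSignedTimestamp seconds="1018055915">04/05/02 5:18 PM PST</realSignedTimestamp>
<signatureBlockOptions count="0"><preText/><postText/></signatureBlockOptions></signature>
</signatures></attachment></attachments></message>"""

def signed_fields(attachment, signature):
    """Return the (name, value) pairs one signature covers, in listed order."""
    pairs = []
    for scope, name in FIELDS:
        elem = attachment if scope == "att" else signature
        if name.startswith("@"):
            value = elem.get(name[1:], "")
        else:
            node = elem.find(f".//{NS}{name}")
            value = (node.text or "") if node is not None else ""
        pairs.append((name.lstrip("@"), value))
    return pairs

def signed_bytes(pairs):
    # Assumption: length-prefix each value so "ab"+"c" and "a"+"bc" cannot collide.
    return b"".join(len(v.encode()).to_bytes(4, "big") + v.encode() for _, v in pairs)

def differing_fields(xml_text):
    """Names of signed fields whose values differ between the first two signers."""
    att = ET.fromstring(xml_text).find(f".//{NS}attachment")
    a, b = (signed_fields(att, s) for s in att.findall(f".//{NS}signature")[:2])
    return [n for (n, x), (_, y) in zip(a, b) if x != y]
```
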