
Re: Multiple signatures on multiple files

From: David Wall <dwall@Yozons.com>
Date: Fri, 26 Jul 2002 19:11:02 -0700
Message-ID: <013801c23512$dbbbda00$5a2b7ad8@expertrade.com>
To: <reagle@w3.org>, <w3c-ietf-xmldsig@w3.org>

> David, could you give a pseudo example? I don't even understand why you are
> placing these encoded material in a SignatureProperties.

Here's an example (with the attachment, logo, signature and public keys
truncated for space) of what I have today.  I think I have an understanding
now of how to do this better, using Signature elements that reference the
common data elements, but I'm not sure.  Of course, I'd prefer to keep my
data format and then wrap the signature elements we have with XML Signature
elements.

<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!DOCTYPE message>
<message xmlns="http://www.authorchats.com" version="1"
         ownerUserId="8592082075648" id="10737424333">
  <fromEmail userId="8592082075648"><![CDATA[d.wall@authorchats.com]]></fromEmail>
  <fromDisplayName><![CDATA[David A. E. Wall]]></fromDisplayName>
  <toText><![CDATA[leo.falcon@msn.com]]></toText>
  <ccText><![CDATA[]]></ccText>
  <bccText><![CDATA[]]></bccText>
  <ownerEmail role="FROM"><![CDATA[d.wall@authorchats.com]]></ownerEmail>
  <sentTimestamp seconds="1018055914">04/05/02 5:18 PM PST</sentTimestamp>
  <readTimestamp seconds="1018280190">04/08/02 8:36 AM PDT</readTimestamp>
  <subject><![CDATA[Sales rep agreement - Leo Falcon]]></subject>
  <size>175061</size>

  <body>TGVlLA0KDQp...snip...0NDIuMjcyOQ==</body>

  <attachments count="1">
    <attachment version="1" ownerUserId="8592082075648" messageId="10737424333"
                id="10737419338">
      <fileSize>155648</fileSize>
      <originalName><![CDATA[Sales Rep Agreement Leo Falcon.doc]]></originalName>
      <contentType><![CDATA[application/msword]]></contentType>
      <createdTimestamp seconds="1018055722">04/05/02 5:15 PM PST</createdTimestamp>
      <readTimestamp seconds="0"></readTimestamp>
      <rawData>0M8R4KGxGuEAAAAA...snip...AAAH0AAAB+AAAAfwAAAIAAAAA=</rawData>

      <signatures count="2">

        <signature version="3" ownerId="8592082075648" linkedToId="10737419338"
                   signerUserId="8592082075961">
          <company><![CDATA[]]></company>
          <ipAddr>4.64.120.118</ipAddr>
          <hostname>evrtwa2-ar15-4-64-120-118.evrtwa2.vz.dsl.gtei.net</hostname>
          <signedWithName><![CDATA[Leo Falcon]]></signedWithName>
          <userSignedDate seconds="1018249200">04/08/2002</userSignedDate>
          <realSignedTimestamp seconds="1018279613">04/08/02 8:26 AM PDT</realSignedTimestamp>
          <emailFullDisplayName confirmed="true" paidConfirmed="false"><![CDATA[ <leo.falcon@msn.com>]]></emailFullDisplayName>
          <signatureBlockOptions count="0">
            <preText><![CDATA[By typing my name clicking the Add my signature button, I agree to be bound to the terms described in the attached sales representative agreement.]]></preText>
            <postText><![CDATA[]]></postText>
          </signatureBlockOptions>
          <digitalSignature>Hp1Wa6W3BAS+OT5...snip...fTgdWD5yhWlaRBA==</digitalSignature>
          <signerPublicKey id="8592082075803">MIIBHjALBgkqhki..snip...oq+QECARE=</signerPublicKey>
        </signature>

        <signature version="3" ownerId="8592082075648" linkedToId="10737419338"
                   signerUserId="8592082075648">
          <company><![CDATA[AuthorChats]]></company>
          <ipAddr>217.102.41.30</ipAddr>
          <hostname>r41.30-dsl.evt.lightrealm.net</hostname>
          <signedWithName><![CDATA[David A. E. Wall]]></signedWithName>
          <userSignedDate seconds="1017993600">04/05/2002</userSignedDate>
          <realSignedTimestamp seconds="1018055915">04/05/02 5:18 PM PST</realSignedTimestamp>
          <emailFullDisplayName confirmed="true" paidConfirmed="true"><![CDATA[David A. E. Wall <d.wall@authochats.com>]]></emailFullDisplayName>
          <signatureBlockOptions count="0">
            <preText><![CDATA[]]></preText>
            <postText><![CDATA[]]></postText>
          </signatureBlockOptions>
          <digitalSignature>Ah1R1lJ/P/GayP1kb+Ffldb6KzVGJJj...snip...oJZTMaRlw==</digitalSignature>
          <signerPublicKey id="8592082075648">MIIBHjALBgkq...snip...XgJd4m4kCARE=</signerPublicKey>
        </signature>

      </signatures>
    </attachment>
  </attachments>

  <activeLetterhead version="2">
    <logoFile><![CDATA[logo.jpg]]></logoFile>
    <logoWidth>0</logoWidth>
    <logoHeight>0</logoHeight>
    <url><![CDATA[]]></url>
    <headerTagline><![CDATA[Chat & Learn with AuthorChats]]></headerTagline>
    <footerTagline><![CDATA[An ExperTrade Production]]></footerTagline>
    <contentType><![CDATA[image/pjpeg]]></contentType>
    <messageLabel><![CDATA[Message]]></messageLabel>
    <attachmentLabel><![CDATA[Attachments]]></attachmentLabel>
    <logoData size="17124">/9j/4AAQSkZJRgABAQ...snip...l+L8X4vzOs6X4vxfi/M6zr//Z</logoData>
  </activeLetterhead>

</message>


Note that the body, rawData, digitalSignature, signerPublicKey and logoData
elements are base64 encoded binary.  Most of the elements that contain
"user-supplied" input are wrapped in CDATA to avoid problems with whitespace
and special characters (avoiding doing transforms as we output this database
data into XML).

The first signature element, for example, since it's inside the attachment
element, is the first electronic signature for that attachment.  It's
composed of the elements: attachment.messageId, attachment.id, fileSize,
createdTimestamp, signedWithName, realSignedTimestamp, originalName,
contentType, rawData, preText, postText and ipAddr.

The second signature element signs the same attachment, but only the
signedWithName, realSignedTimestamp and ipAddress would generally have
different values (not to mention they'd use different public keys!) from
those used by the first signer's signature.

While there are none here, there could be multiple attachment elements, and
the message element itself could have one or more signatures that would
effectively sign the body element instead of an attachment.rawData element.

Does that make it any more clear?

Thanks,
David
Received on Friday, 26 July 2002 22:11:04 UTC
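
An added sketch (not code from this post or from any XML Signature library) of the layout the message is reaching for: each signer gets a ds:SignedInfo whose first ds:Reference covers the shared attachment data and whose second covers that signer's own ds:SignatureProperties. The attachmentData wrapper, the Id values (the post's all-numeric ids cannot serve as XML IDs) and Python's built-in C14N 2.0 serializer applied to stand-alone fragments are assumptions; producing ds:SignatureValue over the result is left to an XML Signature library.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
C14N2 = "http://www.w3.org/2010/xml-c14n2"
ET.register_namespace("ds", DS)

# Constructed sample; "attachmentData" and the Id values are hypothetical.
SHARED = ('<attachmentData Id="att-10737419338"><fileSize>155648</fileSize>'
          '<contentType>application/msword</contentType>'
          '<rawData>Q09OU1RSVUNURUQ=</rawData></attachmentData>')

def ds(parent, name, **attrs):
    """Append a child element in the XML Signature namespace."""
    return ET.SubElement(parent, f"{{{DS}}}{name}", **attrs)

def digest(xml_text):
    """Base64 SHA-256 of the C14N 2.0 form of one referenced element."""
    canon = ET.canonicalize(xml_data=xml_text)
    return base64.b64encode(hashlib.sha256(canon.encode("utf-8")).digest()).decode()

def properties(sig_id, **values):
    """Signer-specific values as ds:SignatureProperties, returned as XML text."""
    props = ET.Element(f"{{{DS}}}SignatureProperties", Id=f"props-{sig_id}")
    prop = ds(props, "SignatureProperty", Target=f"#{sig_id}")
    for tag, value in values.items():
        ET.SubElement(prop, tag).text = value
    return ET.tostring(props, encoding="unicode")

def signed_info(shared_xml, props_xml):
    """ds:SignedInfo: one Reference to the shared data, one to the signer's properties."""
    info = ET.Element(f"{{{DS}}}SignedInfo")
    ds(info, "CanonicalizationMethod", Algorithm=C14N2)
    ds(info, "SignatureMethod",
       Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
    for xml_text in (shared_xml, props_xml):
        ref = ds(info, "Reference", URI="#" + ET.fromstring(xml_text).get("Id"))
        ds(ds(ref, "Transforms"), "Transform", Algorithm=C14N2)
        ds(ref, "DigestMethod", Algorithm="http://www.w3.org/2001/04/xmlenc#sha256")
        ds(ref, "DigestValue").text = digest(xml_text)
    return info

def digests(info):
    """DigestValue texts in document order: [shared data, signer properties]."""
    return [d.text for d in info.iter(f"{{{DS}}}DigestValue")]

leo = signed_info(SHARED, properties("sig-1", signedWithName="Leo Falcon",
                  realSignedTimestamp="1018279613", ipAddr="4.64.120.118"))
print(ET.tostring(leo, encoding="unicode"))
```

Because the shared data sits outside every signature, adding a second signer later does not disturb the digest the first signer committed to.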
