[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CAdES. Storing validation data.

To: "'Pope, Nick'" <Nick.Pope@xxxxxxxxxxxxxxxxxxxx>, <ESI@xxxxxxxxxxxxx>, <ietf-smime@xxxxxxx>
Subject: CAdES. Storing validation data.
From: "Pavel V. Smirnov" <spv@xxxxxxxxxxxx>
Date: Mon, 26 May 2008 14:50:03 +0400
List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-id: <ietf-smime.imc.org>
List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime@xxxxxxxxxxxx
Thread-index: Aci/Hj9MN8lMCJM0TyOqb22Gph/8Bg==

Hello all and personally Nick,

I want to draw your attention to the following problem.

There is only limited possible transformation between CAdES-X Type 1 signature and CAdES-X Long Type 1 signature. Notably, one must store certificate and revocation values for signature-timestamp validation in the timestamp itself, hence, after receiving CAdES-C-timestamp one cannot add or remove these values from signature-timestamp.

An obvious solution is to allow to include timestamp validation data in certificate-values and revocation-values attributes of the signature itself. What do you think?

Pavel Smirnov

Crypto-Pro
Tel./Fax: +7 495 780-4820
WWW: http://www.CryptoPro.ru
e-mail: spv@xxxxxxxxxxxx

Prev by Date: draft-ietf-smime-3851bis-02 (notes, part 2) (fwd)
Next by Date: Extending CAdES to support usual signature upgrading to CAdES-T and further
Previous by thread: draft-ietf-smime-3851bis-02 (notes, part 2) (fwd)
Next by thread: Extending CAdES to support usual signature upgrading to CAdES-T and further
Index(es):
- Date
- Thread