Interesting - several comments, in no particular order:
You didn't sign everything in the file, especially in Configurations2/* - why not?
The Reference URIs have to have some way of knowing which are package files and which are internal references and which are external references. In my proposal, I'd suggested basing this off the Type attribute. Alternately, you can make another Object element with a Manifest that plays by different rules, since an Object element is implementation dependent. I don't think that what you have here is legal XmlDSig as a result. Though this is easily enough fixed.
I don't think an Id attribute is needed on SignatureValue - we know what it is signing.
I'd also suggest making your Reference for the time SignatureProperty element just cover SignatureProperties instead. I'd also suggest putting an Id on the Object element so that we know how to parse it. You can end up with several Object elements, and this is one that's required for compatibility with existing signatures, so we need to be able to find it.
Also a good idea to put an Id on the XAdES Object, though this one can be identified by looking for a Reference with a specific Type attribute, and then finding it from there.
I think your namespace declaration is incorrect, in that you only need to use the 1.4.1 namespace on 1.4.1-specific elements. We should double-check the XAdES standard to be sure.
You don't have any CertValues in your TimestampValidationData elements - why? (If the timestamp cert is self-signed, that would be one reason.)
Because Id attributes have to be unique in a document, you've nicely made the Id random and unique to each Signature. I don't think I have creating these covered in my proposal. It might be a good idea to specify how these should be created.
The canonicalization method used for the time stamp is different than for the rest of the Reference elements. Why is this different?
Original Message-----
From: Hanssens Bart [mailto:Bart.Hanssens@fedict.be]
Sent: Friday, September 24, 2010 10:06 AM
To: office@lists.oasis-open.org
Cc: Cornelis Frank
Subject: [office] XAdES support in ODF
Hi,
at Fedict, Frank is working very hard on all the eID goodies, including signing XML-documents like ODF with the eID.
I signed an ODF document (in attachment) with my Belgian eID card. While the signature file might not be 100% in line with the latest 1.2 draft, it does contain XAdES 1.4.1 elements that are worth looking at.
Feedback is welcome of course, and hopefully it is useful for nailing down the signature support in ODF.
Best regards
Bart