OASIS Open Document Format for Office Applications (OpenDocument) TC

  • 1.  encryption - signature

    Posted 07-07-2019 17:03
    Hi all, I'm currently looking through OpenDocument-v1.3-wd06-part2-packages. I have a question in regard to section 4.8.6 manifest:start-key-generation-name: "Package producers that support encryption should use the http://www.w3.org/2000/09/xmldsig#sha256 algorithm. Package consumers that support encryption shall support the values SHA1, and http://www.w3.org/2000/09/xmldsig#sha1 and http://www.w3.org/2000/09/xmldsig#sha256." ; Is it correct? I thought "xmldsig" is for "XML Signature Syntax and Processing". I would have expected something with "xmlenc", e.g. http://www.w3.org/2001/04/xmlenc#sha256 . But that is not my area, so please can someone of you have a look? Kind regards Regina


  • 2.  Re: [office] encryption - signature

    Posted 07-07-2019 17:55
    Hi all, it seems to be related to https://issues.oasis-open.org/browse/OFFICE-3708 Kind regards Regina Regina Henschel schrieb am 07-Jul-19 um 19:03: Hi all, I'm currently looking through OpenDocument-v1.3-wd06-part2-packages. I have a question in regard to section 4.8.6 manifest:start-key-generation-name: "Package producers that support encryption should use the http://www.w3.org/2000/09/xmldsig#sha256 algorithm. Package consumers that support encryption shall support the values SHA1, and http://www.w3.org/2000/09/xmldsig#sha1 and http://www.w3.org/2000/09/xmldsig#sha256." ; Is it correct? I thought "xmldsig" is for "XML Signature Syntax and Processing". I would have expected something with "xmlenc", e.g. http://www.w3.org/2001/04/xmlenc#sha256 . But that is not my area, so please can someone of you have a look? Kind regards Regina --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 3.  Re: [office] encryption - signature

    Posted 07-07-2019 18:04
    Regina Henschel schrieb am 07-Jul-19 um 19:54: Hi all, it seems to be related to https://issues.oasis-open.org/browse/OFFICE-3708 And to https://issues.oasis-open.org/browse/OFFICE-3702 ? Perhaps add a note somewhere? Kind regards Regina


  • 4.  Re: [office] encryption - signature

    Posted 07-08-2019 17:18
    On 07.07.19 20:03, Regina Henschel wrote: Regina Henschel schrieb am 07-Jul-19 um 19:54: Hi all, it seems to be related to https://issues.oasis-open.org/browse/OFFICE-3708 And to https://issues.oasis-open.org/browse/OFFICE-3702 ? Perhaps add a note somewhere? apparently this was previously discussed... [office] ODF Teleconference 15 August 2016 - chat log https://lists.oasis-open.org/archives/office/201608/msg00006.html Patrick: https://issues.oasis-open.org/browse/OFFICE-3702 Patrick: Close with no action, there is no benefit to using the correct URL - would cause unnecessary work and effort, plus possibly break prior applications - Jos van den Oever: Calligra uses ' http://www.w3.org/2000/09/xmldsig#sha1 ;' Jos van den Oever: but not sha256 the situation is that the URL is for SHA256 is incorrect, but OpenOffice.org writes this incorrect URL since 2011 and thus all existing ODF 1.2 documents that make use of SHA256 have this incorrect URL... this is unfortunate but it's a bit late to prevent it now. (LibreOffice can consume the correct URL in addition to the incorrect one since 2016, 1015d35f2362953f415804476037d4f162eb49b5) we could either leave this as it is, or require that consumers recognize the correct URL in addition to the incorrect one. (note that producers and consumers are technically allowed to use any URL they please anyway by the schema.) regards, michael -- Michael Stahl Senior Software-Entwickler LibreOffice CIB software GmbH GeschÃftsstelle Hamburg Flachsland 10 22083 Hamburg T +49 (40) / 28 48 42 -296 F +49 (40) / 28 48 42 -100 Michael.Stahl@cib.de www.cib.de Sitz: MÃnchen Registergericht MÃnchen, HRB 123286 GeschÃftsfÃhrer: Dipl.-Ing. Ulrich Brandner