Sent from my iPhone
> On Sep 29, 2021, at 4:42 PM, Regina Henschel <rb.hensc...@t-online.de> wrote:
>
> Hi Dave,
>
> Dave Fisher schrieb am 30.09.2021 um 00:11:
>> This document was not signed using the ODF 1.2 or 1.3 specification. Instead
>> LO implements its own extension.
>> PGPData
>> xmlns:loext="urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0”
>
> Which version of LibreOffice? For ODF 1.3 you need LibreOffice 7.0, some
> additions are in 7.1 and 7.2.
Pedro used LO 6.4.7.
I need to inspect an LO 7.2 PGP signed odt.
>
>> This replaces X509Data when PGP signing is done in LO. I wonder if we can
>> implement this without looking at their code.
>
> I don't know whether signatures use the same as OpenPGP encryption. But
> Thorsten Behrens told me, that LibreOffice uses the gpgme library and that it
> needs to be included in the distribution at least on Windows and Mac. But
> gpgme has LGPLv2+ license. So I think, use of LibreOffice's solution is not
> possible for Apache OpenOffice.
That approach would require an extension provided by a 3rd party or an
exception to Apache Release Policy.
BouncyCastle/Java could be an alternative as well.
Regards,
Dave
>
> Kind regards
> Regina
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> For additional commands, e-mail: dev-h...@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org