Have you asked any of the folks who worked on XAdES? They should be better able to explain the motivation behind the design.

--Sean

-Fab- wrote:
Hello,

I've tried to find the answer to my question using the search feature, but was unsuccessful. If it is already answered, please feel free to just point me to the answer.

I am currently studying how to implement XAdES XL for detached signatures over XML documents. I've been doing some research: I read the XMLDSIG specification and the XAdES specification, and I've been wondering something:

- In the XMLDSIG specification, it is clearly stated that the X509Data element can contain a full certification chain, in the form of a series of X509Certificate elements. There's even an example:

<X509Data> <!-- certificate chain -->
       <!-- Signer cert, issuer CN=arbolCA,OU=FVT,O=IBM,C=US, serial 4 -->
       <X509Certificate>MIICXTCCA..</X509Certificate>
       <!-- Intermediate cert subject CN=arbolCA,OU=FVT,O=IBM,C=US issuer CN=tootiseCA,OU=FVT,O=Bridgepoint,C=US -->
       <X509Certificate>MIICPzCCA...</X509Certificate>
       <!-- Root cert subject CN=tootiseCA,OU=FVT,O=Bridgepoint,C=US -->
       <X509Certificate>MIICSTCCA...</X509Certificate>
</X509Data>

- In the XAdES specification, it is said that any certificate whose data is already contained within the KeyInfo element does NOT need to be present in the CertificateValues element:
"
In principle, the CertificateValues element contains the full set of certificates that have been used to validate the electronic signature, including the signer's certificate. However, it is not necessary to include one of those certificates into this property, if the certificate is already present in the ds:KeyInfo element of the signature.
"
So it follows logically that when the X509Data contains the full certification chain, the CertificateValues element becomes either empty or redundant, and thus worthless.

Isn't this some sort of clash between the specifications?

I find it a bit confusing to have the CertificateValues element in case some information is lacking inside the X509Data, because it means that when validating you first have to check whether there's everything you need in the X509Data:
- if no: you must determine what is missing and put it in the CertificateValues element
- if yes: you don't need the CertificateValues element at all.

I think it would have been simpler to impose a particular behavior from one of these two:
- put the full certification chain in the X509Data
or
- put only the signing certificate in the X509Data

That way when validating you would know exactly what to expect and what to do.
Now this is only my feeling and I'm still quite new to digital signatures, so maybe I've missed some points.

Is there something I didn't understand in the specifications? Are my interpretations correct?

What should I do in my implementation?

Regards,

Fab
PS: I'm using JSR 105 with JDK 1.5
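Treating both locations as a single certificate pool, as an added example that is not part of this thread (Python rather than the JSR 105 Java the poster uses; the certificate bytes are constructed stand-ins, and the XAdES 1.3.2 namespace and the element path under ds:Object are assumptions): the producer side applies the rule quoted from the XAdES text (CertificateValues carries only what ds:KeyInfo lacks), and the validator side merges both elements by fingerprint so that the "full chain in X509Data" and "signer only in X509Data" cases need no separate handling.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
XADES = "http://uri.etsi.org/01903/v1.3.2#"  # assumed XAdES version


def _b64(der: bytes) -> str:
    return base64.b64encode(der).decode("ascii")


def certificate_values_for(chain: list[bytes], key_info_certs: list[bytes]) -> list[bytes]:
    """Producer: keep only chain members not already carried in ds:KeyInfo
    (the omission the quoted XAdES text permits), preserving chain order."""
    present = {hashlib.sha256(c).digest() for c in key_info_certs}
    return [c for c in chain if hashlib.sha256(c).digest() not in present]


def build_signature(key_info_certs: list[bytes], cert_values: list[bytes]) -> str:
    """Emit the KeyInfo/X509Data and xades:CertificateValues parts of a signature."""
    ds_certs = "".join(f"<ds:X509Certificate>{_b64(c)}</ds:X509Certificate>" for c in key_info_certs)
    enc = "".join(f"<xades:EncapsulatedX509Certificate>{_b64(c)}</xades:EncapsulatedX509Certificate>"
                  for c in cert_values)
    return (f'<ds:Signature xmlns:ds="{DS}" xmlns:xades="{XADES}">'
            f"<ds:KeyInfo><ds:X509Data>{ds_certs}</ds:X509Data></ds:KeyInfo>"
            "<ds:Object><xades:QualifyingProperties><xades:UnsignedProperties>"
            "<xades:UnsignedSignatureProperties>"
            f"<xades:CertificateValues>{enc}</xades:CertificateValues>"
            "</xades:UnsignedSignatureProperties></xades:UnsignedProperties>"
            "</xades:QualifyingProperties></ds:Object></ds:Signature>")


def collect_certificates(signature_xml: str) -> dict[str, bytes]:
    """Validator: gather certificates from both elements into one pool keyed by
    SHA-256 fingerprint; duplicates collapse and origin no longer matters."""
    root = ET.fromstring(signature_xml)
    pool: dict[str, bytes] = {}
    for path in (f".//{{{DS}}}KeyInfo//{{{DS}}}X509Certificate",
                 f".//{{{XADES}}}CertificateValues/{{{XADES}}}EncapsulatedX509Certificate"):
        for el in root.iterfind(path):
            der = base64.b64decode("".join((el.text or "").split()))  # tolerate wrapped base64
            pool.setdefault(hashlib.sha256(der).hexdigest(), der)
    return pool


# Constructed stand-ins for DER-encoded certificates (not real X.509 data).
SIGNER, INTERMEDIATE, ROOT = b"signer-cert", b"intermediate-cert", b"root-cert"
CHAIN = [SIGNER, INTERMEDIATE, ROOT]


def pool_for(key_info_certs: list[bytes]) -> dict[str, bytes]:
    """Produce a signature with the given KeyInfo certs plus the minimal
    CertificateValues, then read it back the way a validator would."""
    return collect_certificates(build_signature(key_info_certs, certificate_values_for(CHAIN, key_info_certs)))
```

Whichever of the two placements the signer chose, `pool_for` yields the same three certificates, which is why a validator that unions the elements never has to branch on what X509Data contains.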
