200 likes | 683 Views
Visual Signature Profile OASIS - DSS-X. Agenda. General Requirements – Digital Signature operation Visual Signature content Verification Operation. General Definition.
E N D
Agenda • General Requirements – Digital Signature operation • Visual Signature content • Verification Operation
General Definition The Digital Signature service will support adding a visual signature inside a given document as part of a digital signature operation. The verification service will supply visual related information and may include visible indication related to the validity of the digital signature.
Document Types Q: Which documents types to support? Today, there are existing standard and proprietary implementations of a visible signature: PDF – a visual signature is part of the PDF standard OFFICE 2007 – OOXML – relatively new implementation TIFF, Office XP/2003 – Proprietary implementations Open Office – Are not familiar with an existing implementation A: The standard will not be limited to a certain type of document
Signature Field Q: Geometry and Visual Structure of the Visible Signature? A Signature field is a “placeholder” for a digital signature and a visible signature. A Signature field is identified by its xs:ID The signature field is located inside the document (page, (x,y) coordinates) and may contain meta information such as the intended structure of the visible signature. A: The “signature field” terminology will be used
Multiple Signatures per doc Q: Multiple visible signature inside a document? A document can be prepared to have many signature field A: As part of the signature operation, a field identification will be given
Field Management operations Q: Support of other operations such as signature field creation, clear an existing signature ? A: No, the profile will support only a digital signature operation. Other “field management” operations may be handled elsewhere.
Usage Scenario Three types of scenarios where identified: Simple Workflow ScenarioThe document already contain signature fields. The client indicates a single field to be signed. Document SubmissionThe document does not have any signature field embedded. The digital signature operation will generate a signature field and then sign it. Complex Signature RequestMixtures of the above scenarios.Q: Will this usages scenario lead to restrictions/conformance levels? For example, the service will not allow creating a signature field in the Workflow scenario.
Vis. Signature displays a dig. Signature Q: Support cases where the Visible Signature encode digital signature information? On some documents type (for example, PDF), the digital signature is based on the visual signature and therefore the digital signature cannot be encoded into the visual signature. A: the profile is flexible so that depending of the document type, it will allow displaying digital sig. content.
Visible Signature content Signer Information – items will be extracted from the signer’s certificate CA information – items will be extracted from the signer’s certificate Signature time Signer’s Related image Additional application information – Reason for the signature operation Digital Signature: Encoded digital signature Scanable digital signature
Visible Signature content The information is either passed to the digital signature service as part of a “document submission” scenario or encoded inside the signature field. The configuration includes sub-elements, each element (text or image) will be incorporated to the signature field in a certain located identified by (x,y) coordinates.
DSSSign operation The profile adds the following information that should be passed to the digital signature service: Document Type: PDF, OOXML, Open Office, … Field ID Visual Signature Position Visual Signature configuration
DSSSign operation – document type Document Content and type – using the <Document> element in the DSSSign request. <Base64Data> will include the document content.The MimeType attribute will include the type of the document. PDF – “application/pdf “ODF – “application/vnd.oasis.opendocument.text”DOCX – “application/vnd.openxmlformats-officedocument.wordprocessingml.document”TIF - image/tiff If the document is sent via <AttachmentReference> the mime type will be taken. Mime Type is a mandatory parameter.
DSSSign operation – optional inputs <xs:complexType name=VisualSignatureConfiguration”> <xs:sequence> <xs:element name=”DocumentID” type=xs:ID” use=”optional”/> <xs:element ref=”FieldName” type=xs:string” use=”optional”/> <xs:element ref=”VisualSignaturePosition” use=”optional”/> <xs:element ref=”VisualSignatureDisplayConfig” use=”optional”/> <xs:element name=”other” type=”dss:AnyType”/> </xs:choice> </xs:complexType> DocumentID will be used if several documents need to be signed. Should the VisualSignaturePosition defined as abstract? If so should the profile include position terminology relevant to document types?
DSSSign operation – Position <xs:element name="VisualSignaturePosition" type=”VisualSignaturePositionType”> <xs:complexType name=VisualSignaturePositionType”> <xs:choice> <xs:element ref=”SimpleVisualSignaturePosition”/> <xs:element name=”other” type=”dss:AnyType”/> </xs:choice> </xs:complexType> <xs:complexType name=SimpleVisualSignaturePosition”> <xs:sequence> <xs:element name=”PageNumber” type=”xs:integer”/> <xs:element name=”TopLeft-X” type=”xs:integer”/> <xs:element name=”TopLeft-Y” type=”xs:integer”/> <xs:element name=”Width” type=”xs:integer” use=”optional”/> <xs:element name=”Height” type=”xs:integer” use=”optional”/> </xs:sequence> </xs:compelxType>
DSSSign operation – Configuration <xs:element name="VisualSignatureDisplayConfig" type=”VisualSignatureDisplayConfigType”> <xs:complexType name=VisualSignatureDisplayConfigType”> <xs:sequence > <xs:element name=”ShowLabels” type=”xs:boolean” use=”optional”> <xs:choice minOccures=”0” maxOccures=”unbounded”> <xs:element ref=”VisualSignatureItem”/> </xs:choice> </xs:sequence > </xs:complexType> <xs:complexType name=VisualSignatureItem”> <xs:sequence> <xs:element name=”ItemName” type=”xs:String”/> <xs:element name=”ItemValue” type=”dss:AnyType” use=”optional”/> <xs:element name=”ItemFont” type=”xs:string” use=”optional”/> <xs:element ref=”ItemPosition” /> </xs:sequence> </xs:compelxType>
DSSSign operation – Configuration <xs:element name="VisualSignatureDisplayConfig" type=”VisualSignatureDisplayConfigType”> <xs:complexType name=VisualSignatureDisplayConfigType”> <xs:sequence > <xs:element name=”ShowLabels” type=”xs:boolean” use=”optional”> <xs:choice minOccures=”0” maxOccures=”unbounded”> <xs:element ref=”VisualSignatureItem”/> </xs:choice> </xs:sequence > </xs:complexType> <xs:complexType name=VisualSignatureItem”> <xs:sequence> <xs:element name=”ItemName” type=”xs:String”/> <xs:element name=”ItemValue” type=”dss:AnyType” use=”optional”/> <xs:element name=”ItemFont” type=”xs:string” use=”optional”/> <xs:element ref=”ItemPosition” /> </xs:sequence> </xs:compelxType>
DSSSign operation – Configuration <xs:complexType name=ItemPosition”> <xs:choice> <xs:element ref=”SimpleVisualSignatureElementPosition”/> <xs:element name=”other” type=”dss:AnyType”/> </xs:choice> </xs:compelxType><xs:complexType name=SimpleVisualSignatureElementPosition”> <xs:sequence> <xs:element name=”TopLeftX” type=”xs:integer”/> <xs:element name=”TopLeftY” type=”xs:integer”/> </xs:sequence> </xs:compelxType> Should the position be defined as an abstract type here as well?
DSSVerify operation Optional Inputs: Field ID – Only the digital signature that is linked to the given signature field is verified. IncludeVisibleIndication – The Verify service will embed a visual indication into the visible signature that indicates the validation status of the digital signature. Optional output: Field ID – The ID of the validated field. DocumentWithSignature: In the case of IncludeVisibleIndication, the updated document is retrieved.
Conformance Is Conformance necessary? Should we take the