This is a mirror of official site: http://jasper-net.blogspot.com/

Office 2010 Digital Signatures and XAdES

Posted by jasper22 at 11:50 | Tuesday, June 1, 2010
Shelley Gu, the program manager for Office signatures, has already posted the PM version of what we've done to improve digital signatures in the Office 2010 Engineering blog back in December. Her post is here. While Shelley did a nice job of an overview for the average user, I'd like to dive a bit more into detail. I also noticed that there are a bunch of comments to her post that haven't been answered, and I'll do that in a following post here.

While there have been a number of improvements, the biggest change has been the addition of XAdES. XAdES is an extension to the XML-DSig that provides for a number of improvements, and allows for very long-lived signatures. The first specification for XAdES showed up at http://www.w3.org/TR/XAdES/, and dates back to 2003. The full, most recent specification is 1.4.1, and can be found at http://uri.etsi.org/01903/v1.4.1/ts_101903v010401p.pdf. It takes a bit of poking around to find the exact link to the PDF, but I confirmed that the link worked and is valid as of this writing (5/30/2010).

Getting XAdES into Office turned out to be a bit of an adventure. It started off with a request to add time stamping support, and it all had to be done in a big hurry, and we'd decided not to use XAdES, because it was supposedly hard. The first iteration was very non-standard. Once I'd gotten it done, then all of a sudden we just had to use XAdES, and we were in a big hurry for that, too. Some grumbling ensued, but I went off and did it. We first implemented up to XAdES-T (explained in a moment), which is what shipped in beta 2. Some time passed, Shelley came along, and then we decided we just had to have nearly full XAdES support, taking us up to XAdES-X-L, and that needed to be done in a hurry, too (are you sensing a theme?). Getting that part done happened after beta 2, which was just short of a miracle – not much makes the bar at that stage of the game. We've ended up with XAdES support for Word, Excel, PowerPoint and InfoPath.

Read more: David LeBlanc's Web Log

Posted via email from jasper22's posterous

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)