Chapter 14, Security, Control, and Digital Signatures
XFA Specification
Signed Forms
413
part or all of any of the packets written out to XDP (“XDP
Such packets include
dataSets, config, and localeSet.
XML digital signatures adopt the mechanism specified by
[XMLDSIG-CORE],
which is an XML-specific
mechanism. The signature handler digests the XML prior to being written out as XDP. This distinction is
important relative to data, which has one form in the XFA Data DOM and another (possibly) different form
in the XML Data DOM. Such differences exist for the following reasons:
●
●
XSLT transformations
Before rich text in the XML Data DOM is brought into the XFA Data DOM, it is converted into plain text.
This separation is described in
“Representing Rich Text in the XFA Data DOM” on page 188.
Hypertext references in image objects () and rich text are resolved in the XFA Form DOM, but not in the
XML Data DOM. As a result, the data in such references is omitted even if the entire form is included in
the manifest.
●
It is an error to specify a manifest for an XML digital signature that includes a node that is not written out.
For example, the manifest must name neither data nodes that are marked transient nor other form
properties that are never written out.
Signature destination
The
signData ref
property specifies the location where the
Signature
element is to be stored (if the
signData
operation is
"create"
) or has been stored (if the
signData
operation is
"clear"
or
"verify"
).
It is recommended that
Signature
elements be placed within the
datasets
element, but outside the
data
element which is the child of
datasets
. Multiple sibling
Signature
elements can be
accommodated. The signatures are distinguished by XML ID, not by element name, in keeping with the
dictates of
[XMLDSIG-CORE]. See “The datasets Element (an XDP Packet)” on page 791.
Occasionally, it is necessary to place a signature in a location that will not travel with the data. In this case
Signature
elements may be placed as XDP packets, that is, as children of the XDP’s root
xdp
element.
See “The signature Element (an XDP Packet)” on page 792.
XFA-Specific Information in the XML Digital Signature
XML digital signatures generated by XFA processors contain additional information beyond that required
by
[XMLDSIG-CORE].
The additional information uses namespaces other than the namespace for XML
signatures so it does not interfere with generic signature processing. The additional information that is
included is:
●
●
Date and time of signing
A reason for signing.
The reason for signing must be selected from a list of possible reasons which is descended from the
reasons
subproperty of the
filter
property of the
signData
object. For example, if the template
contains the following fragment:
<field ...>
<event ...>
<signData operation ="sign" ...>
...
<filter>
<reasons ...>
<reason>Requested</reason>
<reason>Approved</reason>