Common Security: CDSA and CSSM, Version 2 (with corrigenda)
Copyright © 2000 The Open Group

Signed Manifests

Extensions to the JavaSoft/Netscape Specification

The JavaSoft signed manifest specification states that:
"It is technically possible that different entities may use different signing algorithms to share a single signature file. This violates the standard, and the extra signature may be ignored."

The Intel-signed manifest specification allows multiple signers to be included in the PKCS#7 signature block as long as each signer is signing the same manifest sections.

The only recognized valid MAGIC value for this specification is UsesMetaData.

Core Set of Name:Value Pairs

Name
This token specifies the referent for the manifest section.

SectionName
This token is informational only to the section it appears in.

(Digest algorithm ID)
Well-known digest algorithm identifiers are:
MD5, SHA, SHA1, MD2, MD4

Ordered-Attributes
This token specifies that some metadata values appearing within this manifest section must be processed in an order-specific manner. The order indicated is relative to the signing operation. The verification operation must reverse the order indicated.

MAGIC
This token is used as a general flagging mechanism. The only associated value is UsesMetaData.

Integrity
DublinCore
These tokens specify metadata contexts within which the name:value pairs have meaning.

SchemaInfo
This is a well-known name that should be defined in every metadata set. It points to a resource that provides human-readable text describing the metadata set. For instance:


Integrity-SchemaInfo: http://developer.intel.com/ial/security/IntegritySchema.html

points to a resource where a human-readable description of the Integrity set resides.

Metadata

Metadata is used to qualify the referent by providing additional information that cannot be included in the name. The definition of valid metadata values is an ongoing effort. This specification incorporates the Dublin Core metadata set and a new Integrity Core set to describe the integrity of the referents.

Integrity Core

The Integrity Core is a set of minimal values used to describe the integrity of information resources. The metadata name for this set is Integrity.

The core elements are:

Integrity-VerifyData

This token describes how to retrieve the referent object for hashing. Valid values are:

Integrity-TrustedSigner

This token defines trusted signers for signed dynamic data sources. The signer must be described in another manifest section as an information resource. The value for this name:value pair must be the value of the referent (the value of the Name token) in the manifest section where the trusted signer is described.

Integrity-VerifyIntegrity

This token is used to create descriptions that cannot be expressed using VerifyData or TrustedSigner. Valid values are:

Integrity-NamedSectionForm

This token defines the format of the partial section to be hashed. This is used to describe integrity of a portion of a compound object, such as a Microsoft PowerPoint slide residing in a Microsoft Word document.

Integrity-NamedSection

This token identifies the section to be hashed.

Integrity-Envelope

This token indicates that the referent itself is a signed object, where the signature envelops the object or is embedded within the object. Valid values are:

Integrity-ResourceProxy

This token indicates that the location of the referent object changes over time. An example is an executable image. To describe the integrity of the object, a manifest must correctly reference the object as a file (which is far away) and as a loaded, executing memory image (which is nearby).
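
The following Python check is an added example, not part of this specification or of any CDSA implementation. It lints manifest sections against two rules stated above: the only recognized MAGIC value is UsesMetaData, and an Integrity-TrustedSigner value must equal the Name referent of another section. Assumptions: sections are blank-line-separated runs of name: value lines, values are compared by exact match, and the sample manifest and the function names are constructed for illustration.

```python
# Added example: lints manifest sections against two rules stated above.
# Assumption: sections are blank-line-separated runs of "name: value" lines.

# Constructed sample, not taken from the specification.
SAMPLE = """\
Name: signer.cer
SectionName: Trusted signer certificate

Name: http://example.test/feed
MAGIC: UsesMetaData
Integrity-TrustedSigner: signer.cer

Name: report.doc
MAGIC: SomethingElse
Integrity-TrustedSigner: missing.cer
"""


def parse_sections(text):
    """Split manifest text into one {name: value} dict per section."""
    sections, current = [], {}
    for line in text.splitlines():
        if not line.strip():  # a blank line closes the current section
            if current:
                sections.append(current)
                current = {}
            continue
        name, sep, value = line.partition(":")  # split on the first colon only
        if not sep:
            raise ValueError(f"not a name:value pair: {line!r}")
        current[name.strip()] = value.strip()
    if current:
        sections.append(current)
    return sections


def lint(sections):
    """Return (referent, problem) tuples for each violated rule."""
    problems = []
    referents = [sec.get("Name") for sec in sections]
    for idx, sec in enumerate(sections):
        ref = sec.get("Name", f"section #{idx}")
        # Rule: the only recognized MAGIC value is UsesMetaData (exact match assumed).
        if "MAGIC" in sec and sec["MAGIC"] != "UsesMetaData":
            problems.append((ref, f"unrecognized MAGIC value {sec['MAGIC']!r}"))
        # Rule: a trusted signer must be the Name referent of another section.
        signer = sec.get("Integrity-TrustedSigner")
        others = referents[:idx] + referents[idx + 1:]
        if signer is not None and signer not in others:
            problems.append((ref, f"trusted signer {signer!r} is not described in another section"))
    return problems
```

A section that names itself as its own trusted signer is also reported, because the signer must be described in another section.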

Dublin Core

Details of the specification of the Dublin Core set are outside the scope of this document.

PKWARE Archive File Format Specification

Details of the PKWARE archive format are outside the scope of this document.
