-
Type:
Bug
-
Status: Applied
-
Priority:
Major
-
Resolution: No Action
-
Affects Version/s: ODF 1.2 CD 05
-
Fix Version/s: ODF 1.2 CD 06
-
Component/s: Graphics, Part 3 (Schema) [1.2: 1], Security
-
Labels:None
-
Proposal:
When the xlink:href form of <draw:image> is used, the image is not captured in the document markup.
That means that any digital signature of the markup does not include the image that may have been presented to the user, it only includes the xlink:href that is not to content that is part of the signed material.
In this case, an user that requests the document be signed may believe that the image that is presented is included in that signature. Alternatively, an user can repudiate that the document with a particular image presented is the one that was signed, because the image itself is not covered by the document signature.
One way for a producer to safeguard that is to include a cache of the image that was rendered (if it was rendered) in the <draw:image> element in some way. There is no provision for such a means of assuring, by it being included in the signature, that the user signed the document as seen when that particular image was presented.