> On Sep 29, 2021, at 5:01 PM, Dave Fisher <wave4d...@comcast.net> wrote:
>
>
>
> Sent from my iPhone
>
>> On Sep 29, 2021, at 4:42 PM, Regina Henschel <rb.hensc...@t-online.de> wrote:
>>
>> Hi Dave,
>>
>> Dave Fisher schrieb am 30.09.2021 um 00:11:
>>> This document was not signed using the ODF 1.2 or 1.3 specification.
>>> Instead LO implements its own extension.
>>> PGPData
>>> xmlns:loext="urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0”
>>
>> Which version of LibreOffice? For ODF 1.3 you need LibreOffice 7.0, some
>> additions are in 7.1 and 7.2.
>
> Pedro used LO 6.4.7.
>
> I need to inspect an LO 7.2 PGP signed odt.
Pedro sent me a LO 7.2.1 PGP signed odt and it also uses the loext xmlns.
It would be good to understand how xmlns extensions fit into the ODF
specifications.
>>
>>> This replaces X509Data when PGP signing is done in LO. I wonder if we can
>>> implement this without looking at their code.
>>
>> I don't know whether signatures use the same as OpenPGP encryption. But
>> Thorsten Behrens told me, that LibreOffice uses the gpgme library and that
>> it needs to be included in the distribution at least on Windows and Mac. But
>> gpgme has LGPLv2+ license. So I think, use of LibreOffice's solution is not
>> possible for Apache OpenOffice.
>
> That approach would require an extension provided by a 3rd party or an
> exception to Apache Release Policy.
>
> BouncyCastle/Java could be an alternative as well.
>
> Regards,
> Dave
>
>
>>
>> Kind regards
>> Regina
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
>> For additional commands, e-mail: dev-h...@openoffice.apache.org
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
