6 VERS Encapsulated Objects
The core of the VERS Standard is the VERS Encapsulated Object, or VEO. This section introduces the overall design of the VEO and gives some background on its technical and archival features. More information on the VEO can be found in PROS 99/007 Specification 3: VERS Standard Electronic Record Format, and Advice 12 on that Specification.
One way of thinking of a VEO is as a message sent from the computer that created it to a second computer in the future (which may not even have been built yet).
VEOs are intended to be self-documenting; that is, in 100 years' time a technical user can examine the contents of a VEO and find sufficient information in it to begin the process of extracting the content. To this end, the VEO has the following features:
- Single object. A record is contained within a single computer file. Only that file needs to be examined to understand what the record contains, its relation with other records, and its history. The use of a single file makes it easy to copy the record, and difficult to lose part of the record.
- Textual content. The contents of a VEO are plain ASCII text. As such, the contents can be displayed by the simplest computer programs. Examples of these programs are 'type' in MS-DOS, 'Notepad' and 'WordPad' in Windows, and 'cat', 'vi' and 'more' in Unix. We expect such plain text to be readable indefinitely.
- Textual markup. Each piece of information (metadata) in a VEO is labelled with a descriptive tag intended to indicate the purpose or function of the information. The tags were chosen to be easy to understand; abbreviations, for example, were avoided.
- Embedded documentation. Each VEO contains a number of short pieces of text that describe the technical features of the VEO. These pieces of text provide a summary of the information necessary to implement a viewer for the VEO and, in particular, reference any external specifications necessary. One of the more complex pieces of embedded documentation is the description of the digital signature:
The contents of this VEO are signed using the SHA-1 hash algorithm and the DSA
digital signature algorithm. SHA-1 is defined in Secure Hash Standard,
FIPS PUB 180-1, National Institute of Standards and Technology, US Department
of Commerce, 17 April 1995
(http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.pdf).
The DSA algorithm is defined in Digital Signature Standard (DSS), FIPS PUB
186-2, National Institute of Standards and Technology, US Department of
Commerce, 27 January 2000
(http://csrc.nist.gov/publications/fips/fips186-2/fip186-2-change1.pdf).
Details of the public keys are encoded as X.509 certificates in the
vers:CertificateBlock elements. X.509 certificates are defined in "Information
technology - Open Systems Interconnection - The Directory: Public-key and
attribute certificate frameworks," ITU-T Recommendation X.509 (2000).
The signature and certificates are encoded using Base64. Base64 is defined in
Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet
Message Bodies, Section 6.8, Base64 Content-Transfer-Encoding, IETF RFC 2045,
N. Freed & N. Borenstein, November 1996
(http://www.ietf.org/rfc/rfc2045.txt?number=2045).
The signature covers the contents of the vers:SignedObject element starting
with the 'less than' symbol of the vers:SignedObject start tag, up to and
including the 'greater than' symbol of the vers:SignedObject end tag. Before
verifying the signature all whitespace (Unicode characters U+0009, U+000A,
U+000D, and U+0020) must be removed from the text.
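
The signed-byte rule in the embedded documentation above can be exercised as follows. This is an added example, not code from the VERS Standard or PROV: the function names, the sample records and the choice to treat the outermost vers:SignedObject as the signed element are assumptions, and the DSA check itself is left out.

```python
import hashlib
import re

# Whitespace named in the VEO text: U+0009, U+000A, U+000D, U+0020.
VEO_WHITESPACE = b"\t\n\r "
# A vers:SignedObject start or end tag, through its closing '>'.
# Assumption: no attribute value in the tag contains a literal '>'.
TAG = re.compile(rb"<(/?)vers:SignedObject(?=[\s>])[^>]*>")

def signed_span(veo: bytes) -> bytes:
    """Bytes from '<' of the outermost start tag to '>' of its matching end tag."""
    depth, start = 0, -1
    for m in TAG.finditer(veo):
        if not m.group(1):              # start tag
            if depth == 0:
                start = m.start()
            depth += 1
        elif depth == 0:                # end tag with nothing open
            raise ValueError("vers:SignedObject end tag without a start tag")
        else:
            depth -= 1
            if depth == 0:
                return veo[start:m.end()]
    raise ValueError("no complete vers:SignedObject element found")

def canonical_bytes(veo: bytes) -> bytes:
    """Signed span with the four whitespace characters removed."""
    return signed_span(veo).translate(None, VEO_WHITESPACE)

def signed_digest(veo: bytes) -> str:
    """SHA-1 (the hash the VEO text names) over the canonical bytes."""
    return hashlib.sha1(canonical_bytes(veo)).hexdigest()

# Constructed samples; Wrapper, Title and the id attribute are placeholders.
PRETTY = b"""<Wrapper>
  <vers:SignedObject id="demo">
    <Title>Budget 1999</Title>
  </vers:SignedObject>
</Wrapper>"""
COMPACT = (b'<Wrapper><vers:SignedObject id="demo"><Title>Budget1999</Title>'
           b"</vers:SignedObject></Wrapper>")
TAMPERED = PRETTY.replace(b"1999", b"2999")

if __name__ == "__main__":
    for name, veo in (("pretty", PRETTY), ("compact", COMPACT), ("tampered", TAMPERED)):
        print(f"{name:9s}{signed_digest(veo)}")
```

Because whitespace is stripped before hashing, the pretty-printed and compact samples give the same digest, so whitespace inside element content is not covered by the signature. The sample with one changed digit gives a different digest.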