The least significant component of the result code.
[Optional]
A message which MAY be returned to an operator, logged, used for debugging, etc.
minOccurs="0"/>
type="dss:InternationalStringType" minOccurs="0"/>
The URIs MUST be values defined by this specification or by some profile of this specification. The values defined by this specification are:
urn:oasis:names:tc:dss:1.0:resultmajor:Success
The protocol executed successfully.
urn:oasis:names:tc:dss:1.0:resultmajor:RequesterError
The request could not be satisfied due to an error on the part of the requester.
urn:oasis:names:tc:dss:1.0:resultmajor:ResponderError
The request could not be satisfied due to an error on the part of the responder.
urn:oasis:names:tc:dss:1.0:resultmajor:InsufficientInformation
The request could not be satisfied due to insufficient information.
In case of doubt of who is responsible a urn:oasis:names:tc:dss:1.0:resultmajor:ResponderError is assumed.
This specification defines the following values, that are listed below, grouped by the respective associated code.
One of the following values MUST be returned when the code is Success.
urn:oasis:names:tc:dss:1.0:resultminor:valid:signature:OnAllDocuments
The signature or timestamp is valid. Furthermore, the signature or timestamp covers all of the input documents just as they were passed in by the client.
urn:oasis:names:tc:dss:1.0:resultminor:valid:signature:NotAllDocumentsReferenced
The signature or timestamp is valid. However, the signature or timestamp does not cover all of the input documents that were passed in by the client.
urn:oasis:names:tc:dss:1.0:resultminor:invalid:IncorrectSignature
The signature fails to verify, for example due to the signed document being modified or the incorrect key being used.
urn:oasis:names:tc:dss:1.0:resultminor:valid:signature:HasManifestResults
The signature is valid with respect to XML Signature core validation. In addition, the message also contains VerifyManifestResults.
Note: In the case that the core signature validation failed no attempt is made to verify the manifest.
urn:oasis:names:tc:dss:1.0:resultminor:valid:signature:InvalidSignatureTimestamp
The signature is valid however the timestamp on that signature is invalid.
The following values is suggest MAY be returned when the code is RequesterError.
urn:oasis:names:tc:dss:1.0:resultminor:ReferencedDocumentNotPresent
A ds:Reference element is present in the ds:Signature containing a full URI, but the corresponding input document is not present in the request.
urn:oasis:names:tc:dss:1.0:resultminor:KeyInfoNotProvided
The required key information was not supplied by the client, but the server expected it to do so.
urn:oasis:names:tc:dss:1.0:resultminor:MoreThanOneRefUriOmitted
The server was not able to create a signature because more than one RefUri was omitted.
urn:oasis:names:tc:dss:1.0:resultminor:InvalidRefURI
The value of the RefURI attribute included in an input document is not valid.
urn:oasis:names:tc:dss:1.0:resultminor:NotParseableXMLDocument
The server was not able to parse a Document.
urn:oasis:names:tc:dss:1.0:resultminor:NotSupported
The server doesn’t recognize or can’t handle any optional input.
urn:oasis:names:tc:dss:1.0:resultminor:Inappropriate:signature
The signature or its contents are not appropriate in the current context.
For example, the signature may be associated with a signature policy and semantics which the DSS server considers unsatisfactory.
Further values for associated with code
urn:oasis:names:tc:dss:1.0:resultmajor:RequesterError are left open to the implementer or profile to be defined with in their namespaces.
The following values MAY be returned when the code is ResponderError.
urn:oasis:names:tc:dss:1.0:resultminor:GeneralError
The processing of the request failed due to an error not covered by the existing error codes. Further details should be given in the result message for the user which may be passed on to the relevant administrator.
urn:oasis:names:tc:dss:1.0:resultminor:invalid:KeyLookupFailed
Locating the identified key failed (e.g. look up failed in directory or in local key file).
Further values for associated with code
urn:oasis:names:tc:dss:1.0:resultmajor:ResponderError are left open to the implementer or profile to be defined within their namespaces.
The following values MAY be returned when the code is InsufficientInformation.
urn:oasis:names:tc:dss:1.0:resultminor:CrlNotAvailiable
The relevant certificate revocation list was not available for checking.
urn:oasis:names:tc:dss:1.0:resultminor:OcspNotAvailiable
The relevant revocation information was not available via the online certificate status protocol.
urn:oasis:names:tc:dss:1.0:resultminor:CertificateChainNotComplete
The chain of trust could not be established binding the public key used for validation to a trusted root certification authority via potential intermediate certification authorities.