[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] RE: EPM (was RE: [dss] freezing doc, and next steps)
Steve, Thanks for the clarifications. A few more questions- At 05:24 PM 6/3/2003 +0200, Gray Steve wrote: >Please refer to my responses to Trevor's questions below, marked with <UPU> > >-----Original Message----- >From: Trevor Perrin [mailto:trevp@trevp.net] >[...] > - If so, and the EPM has to log everything, and compare against this log, >why doesn't it just store the hash, what's the point of using public-key >signatures? > ><UPU> >I assume you are asking this question in the context of the CheckIntegrity. >This context is too narrow and cannot be used to generalize. The >CheckIntegrity operation was introduced to support Web-based form signing >under the scenario where the subscribing application is serving the page to >be signed to the client browser and the verification is going off to the EPM >for verification. The application can subsequently reasssure itself that the >data that it presented for signing was indeed what was actually signed by >calling the EPM with a CheckIntegrity passing in the original data. >Secondly, and more importantly, there exists no legally binding precedence >for the validity of digital hashes, there is for digital signatures. ></UPU> Are you saying that the client browser goes to an EPM to sign the form, and then the web app calls CheckIntegrity to ensure that the client browser signed what was presented? > - what kind of CAs and PKI are assumed? > ><UPU> >Technically, there are no assumptions outside of X.509v3 certs. Numerous CRL >and CRL/DP approaches are supported. >A chain of trust is assumed between senders and receivers. In the Postal >deployment scenario, Postal CAs use the same, subordinate, or cross-certify >to a Common Global Trust Model (CP and CPS) maintained by the UPU. ></UPU> It sounds like the EPM protocol could be used in different settings, but there's a particular "Postal Deployment Scenario" which requires a mandated core of EPM functionality, and is going to involve various national-scale CAs cross-certifying with a UPU bridge/root CA. Is this right? I assume you'll tell us more about the web-based signing scenario and other usage scenarios in your use case input, so I'll just ask about specifics: - The sender's EPM stores certain data about the signed document, indexed by TransactionKey, so that when the recipient comes to this EPM and requests to Verify the message, the sender could be notified, or the request will at least be logged. But if the recipient goes to his own EPM service to Verify, and not the sender's, then how is notification and non-repudation of receipt accomplished? - How is the ParticipatingParty list used in different use cases? Its function isn't clear to me. - For the "Verify" operation, the client sends a "pkcs7data". Is this just a pkcs7 signature encapsulating the signed data? Does that mean detached signatures aren't supported? Have you considered client-side hashing as an option? (the client sends a hash of the content instead of the content itself). This could be supported for both Sign and Verify, and gives advantages in efficiency and privacy. - For the "Encrypt" and "Decrypt" operations, have you similarly considered client-side symmetric encryption (the client sends only the symmetric key for enveloping when encrypting, and sends only the envelope for decrypting; same advantages as client-side hashing). - If the Sign operation occurs using the Postal Admin's private signing key, then does the recipient of the document receive any information on the identity of the client who requested the signature be performed? If not, what good is the signature? If so, how is this information transmitted (for DSS, we're thinking that the client requesting the signature must authenticate to the server, and the server inserts the client's name into the signature as a signed attribute). - What's an eVerifier? - The Locate and Encrypt operations let you specify the recipient with a DN or URL. Why not an email address? (or can you include the email address as an URL?) I'm surprised the docs you sent us don't mention EPM in the context of secure email, but instead talk about document applications like Office, Acrobat, etc... - Is the EPM protocol intended to be used over something like TLS, or WS-Security? - It seems the "normal" use of EPM assumes a global PKI, and that end-users have their own certs/keypairs. Operations like "Sign" and "Decrypt", which use certs/keypairs stored at the EPM, are optional. How important are these operations to the parties who are designing, and intend to deploy, EPM? Are they expected to be rarely supported and hardly ever used, or to be an important part of the system? Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]