OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Clarification on scope please - What is DSS claiming to be in relation to legally binding signatures to people for Non Repudiation

Dear Colleagues

I am seeking general feedback and opinions in relation to the issue of
Non-Repudiation (and yes, technically everything can be repudiated)

The Posts, through the development of the EPM are addressing requirements so
that digital signatures can replace handwritten signatures so that legal
documents can remain in electronic form. This is not just a legal issue. It
is also a business risk issue. For example, my use case describing the Non
Disclosure Agreement describes an end-to-end process of a legal electronic
document being created.  The NDA could easily be a contract worth millions
of dollars and therefore significant business risk. 

Our objective is to define standards that support the concept of legally
binding Non-Repudiation services using digital signatures for electronic
documents, transactions, etc.

This objective is based on strong market validation involving governments,
business, software vendors, etc.  But we must address more than just pure
technical issues. We must also be making a strong statement about the legal
value of an electronic document or message that is digitally signed, by
combining information about Who, What When, Why and the strength of the
process in gathering this information.   A strong chain of trust mitigates
the business risks.  

Basically we need standards with Non-Repudiation in scope, but if the DSS is
focused on too low a level it may be too generic and therefore weaken the
perception of Non-Repudiation.

So my question to the TC ;

- Is Non-Repudiation clearly within the scope of DSS as a formal User
requirement

Perhaps John Messing could also comment from a legal perspective in relation
to the eNotarisation use case and the Legal XML TC as to if/how/where you
think legally binding Non Repudiation belongs for use cases involving
significant business risk.


Regards


Steve Gray




> _________________________________________________
> Steve Gray
> Program Manager, e-Business 
> Postal Technology Centre
> International Bureau of the Universal Postal Union
> Weltpoststrasse 4
> 3000  Bern  15
> Switzerland
> 
> Tel:	+41 31 350 3116	(Direct)
> Tel: 	+41 31 350 3111	(Switchboard)
> Fax: 	+41 31 352 4323
> e-mail: 	steve.gray@upu.int
> Web:	http://postinfo.upu.org
> 	http://www.upu.int
> 
> 
> 
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]