RE: [dss] Compound operation Verify & Sign

["jmessing" <jmessing@law-on-line.com>]

What are the other use cases for compound operations?

---------- Original Message ----------------------------------
From: "Edward Shallow" <ed.shallow@rogers.com>
Date:  Sun, 26 Oct 2003 13:55:20 -0500

>Agree with John, but let's split this discussion into 2 separete threads:
>John's below, and the compound operations discussion.
>
>Ed 
>
>-----Original Message-----
>From: jmessing [mailto:jmessing@law-on-line.com] 
>Sent: October 24, 2003 9:06 AM
>To: OASIS DSS TC; Nick Pope
>Subject: Re: [dss] Compound operation Verify & Sign
>
>A note of caution. A VerifyAndSign operation of a DSS server will not meet
>notarization requirements as presently framed in common law countries,
>particularly the US, because the server will only be verifying the validity
>of a first signature and confirming that it validates by affixing its own
>second signature.
>
>In a notarization, determination of an individual's identity as a first
>matter is also required. This currently must be performed by a notary, who
>also makes a second determination that the act of signing was voluntary:
>i.e., the state of mind to an observer of the signer when the signature was
>affixed was such that intent to be bound by the signature can be presumed.
>Determinations appropriately included would be whether there was duress, as
>by a gun pointed to the head of the signer, or the signer was drunk, or was
>babbling incoherently, such that the intent of the signer was questionable.
>Without a radical change of law, this cannot be replaced by a VerifyAndSign
>accomplished in the absence of a human being acting as notary. For a number
>of reasons, it is likely within the US that human notarizarions will
>continue to be required for legal purposes notwithstanding the possibility
>of computerized verify and sign operations . I would therefore caution
>others not assume that a VerifyAndSign operation will facilitate
>notarization techniques. To justify work on such a method, I believe other
>potential uses should be identified first.
>
>---------- Original Message ----------------------------------
>From: "Nick Pope" <pope@secstan.com>
>Date:  Fri, 24 Oct 2003 10:28:11 +0100
>
>>Following the discussion on the <Status> element brings to mind the 
>>discussion we had a few meetings ago on compound (or what Ed called 
>>stacked) operations and particularly the ability to support a 
>>VerifyAndSign operation where a counter signature is applied based on 
>>whether the original signature is valid.
>>
>>I believe that such an operation is important in a number of use cases, 
>>for example, notarisation services.
>>
>>This was brought up at the F2F meeting and was included in the 
>>requirements document (3.9).  My recollection of the discussion on 22 
>>Sept is that the only compound operation that was needed would be 
>>VerifyAndSign, although I see no record of it in the minutes.
>>
>>How do we envisage VerifyAndSign being supported in the DSS protocol?  
>>Is there a way of combining the two request / response structures, or 
>>do we need to define a specific structure which is this combined operation?
>>
>>Nick
>>
>>
>>
>>To unsubscribe from this mailing list (and be removed from the roster of
>the OASIS TC), go to
>http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php
>.
>>
>>
>
>To unsubscribe from this mailing list (and be removed from the roster of the
>OASIS TC), go to
>http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php
>.
>
>
>
>