[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] JPMorgan/RSA message
> In the example, Ke was the public key. > Thanks Trevor. I missed that. So the Signature Gateway has the private key? Nick > -----Original Message----- > From: Trevor Perrin [mailto:trevp@trevp.net] > Sent: 18 October 2004 08:15 > To: dss@lists.oasis-open.org > Subject: RE: [dss] JPMorgan/RSA message > > > At 08:24 PM 10/17/2004 +0100, Nick Pope wrote: > >Glen, > > > >Your input are very useful in bringing in a fresh perspective on > what we are > >doing in DSS. > > > >Firstly, can I check that I have a proper understanding of the > operation of > >the PSTP protocol. Is the private key used to protect the symmetric keys > >(referred to as Ke) loaded up to the client system within the Applet / > >Active X code, or loaded separately into the client system by some other > >means? > > In the example, Ke was the public key. > > > >Secondly, I like the idea of the Signature Gateway profile. I > can see this > >have a wide number of uses, taking a signature, adding information on its > >validity and applying a second signature. > > Yeah, this is another example of Verify-then-Sign (use Verify protocol, > with the <ReturnUpdatedSignature> option). > > > >Do I understand the proposed operation of the Secure Gateway is > an in-line > >message service. Would this be using SOAP or similar protocol? The DSS > >currently operates on a request / response with the response > going back to > >the original client. > > Yeah, we need to drill into this more (where exactly DSS fits in > an inline > Signature Gateway). > > > Trevor > > > > To unsubscribe from this mailing list (and be removed from the > roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_wor > kgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]