[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Signature Gateway Profile
Where is this useful? > -------- Original Message -------- > Subject: [dss] Signature Gateway Profile > From: Glenn.Benson@chase.com > Date: Mon, November 01, 2004 3:29 pm > To: dss@lists.oasis-open.org > > The Signature Gateway Profile incorporates the concept of a requestor who > sends a signed message to a DSS server. The DSS server validates the > message and executes another signature. What would be the best ways to > handle the following concepts? > > 1. The signature created by the requestor has multiple purposes. One > purpose is authentication; and another purpose is to protect the integrity > of a document included within the request. How should the dual nature of > the signature be referenced in DSS? Should we take advantage of the XML > ref construct by explicitly referencing the same signature from the > SupportingInfo of ClaimedIdentity/RequesterIdentity and the signature of > the document? > 2. Which is the best construct for referencing the signature of the > document? > 3. The same request asks the DSS server to first verify a signature and > then execute another signature. Is this a signature request or a > verification request? > > > > > > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]