OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: 'Re: [dss-x] Your views on Signed Verification Response profile requirements document

Hi Marta,

that' s a very interesting approach ! As you might know that the 'German 
Sig Profile' is targeting in the same direction :
Make a statement about the legal value of a signature / create a 
statement following a specific legal policy.

The major problem I see is the enumeration of all legal variants ( even 
if we restrict ourselves to the EU ) . Giving just a 
two-letter-country-code won't be sufficient.

If you ( or anyone else ) sees a possibility to somehow progress in that 
direction I'll be with you ...



----- Original Message ----
From: Marta Cruellas <mcruellas@catcert.net>
To: Andreas Kuehne <kuehne@trustable.de>
Cc: dss-x@lists.oasis-open.org
Sent: Monday, November 12, 2007 4:48:55 PM
Subject: RE: [dss-x] Your views on Signed Verification Response profile 
requirements document

Dear Andreas,

About this use case you suggested: sometime ago we defined a SAML
assertion ("SignatureStatement") which includes new elements used in 
of signature federations. Using these elements, the SAML asserting
authority grants a relying party that a valid signature has been 
for a concrete purpose in a concrete jurisdiction, and proper evidence
has been produced and is archived.

Please, find attached the document describing this "SAML Signature

Do you think it could be interesting to define a new
"SignatureStatment" DSS profile? We think so...

Best regards,

-----Mensaje original-----
De: Andreas Kuehne [mailto:kuehne@trustable.de]
Enviado el: domingo, 11 de noviembre de 2007 17:29
Para: Huehnlein, Detlef
CC: dss-x@lists.oasis-open.org
Asunto: Re: [dss-x] Your views on Signed Verification Response profile
requirements document

Hi  Detlef,

>  In a typical DSS-scenario (at least as I understood DSS so far) the
>  client will (at the moment he uses DSS) not be able to generate or
>  verify (the required type of) signatures, because otherwise he would
>  not use DSS at all.

I can think of an additional usecase :
The client knows how to verify a very limited set of signatures, bur
needs to proof a certain signature outside its scope. So the client
a trusted DSS verification server to do the verification. E. g. it's
quite a hassle to be sure about the legal valie of a foreign signature
even within the EU. So a verification service with proven authentity of

the result seem useful to me.



Andreas Kühne
phone: +49 177 293 24 97
mailto: kuehne@trustable.de

Trustable Ltd.
Niederlassung Deutschland
Ströverstr. 18 - 59427 Unna
Amtsgericht Hamm HRB 5868

Andreas Kühne
Heiko Veit

Company UK
Company No: 5218868
Registered in England and Wales

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]