[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: 'Re: [dss-x] Your views on Signed Verification Response profile requirements document
Hi Marta, that' s a very interesting approach ! As you might know that the 'German Sig Profile' is targeting in the same direction : Make a statement about the legal value of a signature / create a statement following a specific legal policy. The major problem I see is the enumeration of all legal variants ( even if we restrict ourselves to the EU ) . Giving just a two-letter-country-code won't be sufficient. If you ( or anyone else ) sees a possibility to somehow progress in that direction I'll be with you ... Greetings Andreas ----- Original Message ---- From: Marta Cruellas <mcruellas@catcert.net> To: Andreas Kuehne <kuehne@trustable.de> Cc: dss-x@lists.oasis-open.org Sent: Monday, November 12, 2007 4:48:55 PM Subject: RE: [dss-x] Your views on Signed Verification Response profile requirements document Dear Andreas, About this use case you suggested: sometime ago we defined a SAML assertion ("SignatureStatement") which includes new elements used in support of signature federations. Using these elements, the SAML asserting authority grants a relying party that a valid signature has been produced for a concrete purpose in a concrete jurisdiction, and proper evidence has been produced and is archived. Please, find attached the document describing this "SAML Signature Statement". Do you think it could be interesting to define a new "SignatureStatment" DSS profile? We think so... Best regards, Marta -----Mensaje original----- De: Andreas Kuehne [mailto:kuehne@trustable.de] Enviado el: domingo, 11 de noviembre de 2007 17:29 Para: Huehnlein, Detlef CC: dss-x@lists.oasis-open.org Asunto: Re: [dss-x] Your views on Signed Verification Response profile requirements document Hi Detlef, > In a typical DSS-scenario (at least as I understood DSS so far) the > client will (at the moment he uses DSS) not be able to generate or > verify (the required type of) signatures, because otherwise he would > not use DSS at all. I can think of an additional usecase : The client knows how to verify a very limited set of signatures, bur needs to proof a certain signature outside its scope. So the client uses a trusted DSS verification server to do the verification. E. g. it's quite a hassle to be sure about the legal valie of a foreign signature even within the EU. So a verification service with proven authentity of the result seem useful to me. Greetings Andreas ___________________________________________________ Andreas Kühne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868 Directors Andreas Kühne Heiko Veit Company UK Company No: 5218868 Registered in England and Wales
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]