[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [dss] Use case for DSS signature verification
Hi, following the call for more use cases, here is a general use case for delegated signature verification: Delegated Signature Verification ---------------------------------------------- A client may receive a digital signature that has to be verified. It does not have a trust relationship with the signer, is unable to establish such a trust relationship or does not have the required processing logic available (i.e. does not support the signature algorithm used). Instead it has a single trust relationship with a DSS gateway/server (e.g. it has a certificate or public key for the DSS server/gateway using an algorithm it is familiar with). It submits the signature to the DSS server, and optionally specifies the policy under which the signature must be validated. The DSS server has more complex processing capabilities and trust relationships which it uses for signature validation. Following the validation of the signature the DSS server returns a valid/invalid response to the client. The response may include additional information such as reason codes for failure, information on the policy used for validation (i.e. a URL pointing to the policy or the policy itself) and other information that may be useful to the client. The response is signed by the DSS gateway/server and returned to the client. The client can validate the signature of the DSS gateway using its existing trust relationship. Cheers Pieter -------------------------------- Pieter Kasselman Baltimore Technologies Ltd 39-41 Parkgate Street Dublin 8 Dublin Ireland Tel: + 353 881 6726 e-Mail: pkasselman@baltimore.com www: http://www.baltimore.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC