OASIS Mailing List Archives

dss message



Subject: Re: [dss] requirements draft 4


This is a fundamental error in my view.

Signatures are particularly legal creatures. I can find no other real world purpose or function. It seems evident to me that one signs in order to create legal obligations and gain the ability to enforce these in the courts, which are also legal institutions.

Removing the necessary legal semantics to create and enforce signatures from a standard ostensibly designed for signatures makes no sense to me at all. 

The underlying technology of digital signatures is not new. The unsolved challenge is to have the technology actually employed for legal and business purposes.

The reformulated language as an approach will do nothing to further the goal.
 
---------- Original Message ----------------------------------
From: Trevor Perrin <trevp@trevp.net>
Date:  Wed, 30 Apr 2003 17:13:49 -0700

>
>
>I updated the draft, mostly just to tighten the language, clean up typos, 
>and mention a couple things like:
>  - extensibility to linking timestamps
>  - the client sending dsig:References for URIs that contribute to the 
>transform chain
>
>However I also changed "3.2.1 Requestor Identity" drastically:
>
>"If the server is not signing with a key specific to the requestor, then 
>the server might want to represent the requestor's name, details of how the 
>requestor authenticated, or other identifying information in signed 
>attributes.  We will not specify how this is done, leaving it to 
>higher-level standards that build on DSS.  Options include an RFC 3280 
>GeneralName in CMS, and a SAML Assertion in XML-DSIG."
>
>This reflects my growing feeling that we shouldn't concern ourselves with 
>the contents and semantics of signatures, but should just focus on the 
>technical issues of sending to-be-signed or was-signed data and retrieving 
>back a signature or verification result.  Doing otherwise seems like a can 
>of worms.
>
>But this is just to spur discussion, if people disagree we'll change it 
>back..
>
>Revision tracking is enabled in the word doc:
>http://trevp.net/dss/dss_requirements_draft_4.doc
>http://trevp.net/dss/dss_requirements_draft_4.pdf
>
>Trevor
>
>

