OASIS Mailing List Archives

dss message



Subject: EPM (was RE: [dss] freezing doc, and next steps)



[I tried to send this to the list Sunday but had ISP problems; Steve Gray 
has already responded to it...]

At 02:00 PM 5/30/2003 -0400, Robert Zuccherato wrote:

>I have just posted to the TC website two documents from Steve Gray relating
>to the USPS EPM.  I would encourage TC members to take a look at these as we
>will discuss the EPM at the meeting on Monday.
>
>The EPM Project Overview Powerpoint presentation is available at:
>http://www.oasis-open.org/apps/org/workgroup/dss/download.php/2345/EPM%20Project%20Overview%20May%202003%20V3Short.ppt
>
>What is the Electronic Postmark Word document is available at:
>http://www.oasis-open.org/apps/org/workgroup/dss/download.php/2346/What%20is%20the%20Electronic%20PostMark%20V4.doc


These docs give a high-level overview, and the schema gives low-level 
details.  I'm still having trouble figuring out the middle level, of how 
the various operations fit together into usage scenarios, and what sort of 
key distribution and trust relationships are assumed.

Here's what it seems like the primary use scenario is:
  - signer has cert, keypair
  - signer signs document with keypair
  - signer sends pkcs7 signature to EPM (using "Verify" / "ApplyPostmark")
  - EPM time-stamps (aka "post-marks") the signature, and returns it
  - EPM also retains the signature
  - Later on, the recipient receives the document
  - The recipient sends pkcs7 signature to EPM (using "CheckIntegrity")
  - EPM compares pkcs7 with what it stored in its "non-repudiation log"

There's also an "external Sign" where the EPM signs using a service-held 
keypair (and perhaps post-marks), replacing the first few steps.  Also 
there's the ability to use XML-DSIG instead of PKCS7.

Questions:
  - does the recipient have to contact the same EPM service the signer did?
  - If so, and the EPM has to log everything, and compare against this log, 
why doesn't it just store the hash? What's the point of using public-key 
signatures?
  - does the "Verify" operation actually verify the signer's signature?
  - does the recipient ever call "Verify"?  If so, what's the difference 
between that and "CheckIntegrity"?
  - what kind of CAs and PKI are assumed?  Can the signer use his current 
Verisign cert, or does he need a special EPM cert?
  - will there be one EPM service per country or per smaller/larger 
regions?  Will they be operated by the posts, or could a 
company/organization host its own?  What sort of trust relationships do 
different EPM services have with each other?

Trevor  


