[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss] UPU Electronic PostMark user case scenarios
Trevor, see comments below: At 16:28 19/06/2003 -0700, Trevor Perrin wrote: >At 06:26 PM 6/18/2003 -0700, Trevor Perrin wrote: > >Just a thought about how we could implement EPM using the DSS operations. > >With EPM, the sender calls Verify/ApplyPostmark, and the recipient calls >Verify. > >If we were to translate this into DSS terms, I think it would make sense >for the sender to use the DSS Signing Protocol, and pass in a signature and >request a time-marked countersignature. The DSS service would verify the >passed-in signature, and archive it, as a prerequisite to adding its >time-marked countersignature as a "postmark". <JCC>Perhaps I missunderstands what you are saying, but to me it seems that by doing this we would allow to a client to send a request for generating a time-marked countersignature (ie a signature of a signature value) BUT the service would have to perform first a verification of the incoming data? I think that we should add to the requirements on the requests some additional piece of data for complementing the initial request, otherwise the server will have to look at the semantics of what arrives to it, and this seems too complicated to me...</JCC> The recipient would use the >DSS Verification protocol to verify the signature. > >The interesting thing here is that EPM Verify/ApplyPostmark would translate >into DSS Sign, where the Verify part is carried out by the DSS/EPM service >as a prerequisite to signing, but isn't explicitly requested by the sending >client. > > >Trevor > > >You may leave a Technical Committee at any time by visiting http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]