OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [dss] Scope of electronic signature


At 12:08 PM 9/22/2003 -0400, jmessing wrote:

>The National Conference of U.S. State Court Judges has chosen the storage 
>of simple hashes in a data base coupled with the storage of unspecified 
>authentication methods to create a "signature" for electronic filing 
>purposes. The database relationships create the logical association 
>between the document and the signer. A resolution including this signature 
>solution will most likely be proposed by one or more ABA sections to the 
>House of Delegates at the mid-year meeting in San Antonio. I anticipate 
>that the issue will dominate the meeting.
>I also anticipate that if the ABA adopts such a resolution, then the U.S. 
>federal courts will follow. It is likely that other governmental agencies 
>in the US will then follow the approach.
>
>The question arises whether this is a signature that should be considered 
>within the scope of the work of the TC.

Since the point of our service is for clients to produce & verify 
signatures without knowing or caring what type they are, I hope we can 
support this.

Essentially, this could just be a DSIG where
   <SignatureMethod> is something like "http://www.aba.org/database-sig";
   <SignatureValue> is a database key.
   <KeyInfo> gives the name and perhaps address of a database


The difference vs. a public-key signature is that the client *can't* verify 
the signature on his own, he *has* to use the Verify protocol with the 
server.  But that would be true of symmetric-key, i.e. "MAC" signatures, as 
well.

Trevor



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]