[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Compound operation Verify & Sign
What are the other use cases for compound operations? ---------- Original Message ---------------------------------- From: "Edward Shallow" <ed.shallow@rogers.com> Date: Sun, 26 Oct 2003 13:55:20 -0500 >Agree with John, but let's split this discussion into 2 separete threads: >John's below, and the compound operations discussion. > >Ed > >-----Original Message----- >From: jmessing [mailto:jmessing@law-on-line.com] >Sent: October 24, 2003 9:06 AM >To: OASIS DSS TC; Nick Pope >Subject: Re: [dss] Compound operation Verify & Sign > >A note of caution. A VerifyAndSign operation of a DSS server will not meet >notarization requirements as presently framed in common law countries, >particularly the US, because the server will only be verifying the validity >of a first signature and confirming that it validates by affixing its own >second signature. > >In a notarization, determination of an individual's identity as a first >matter is also required. This currently must be performed by a notary, who >also makes a second determination that the act of signing was voluntary: >i.e., the state of mind to an observer of the signer when the signature was >affixed was such that intent to be bound by the signature can be presumed. >Determinations appropriately included would be whether there was duress, as >by a gun pointed to the head of the signer, or the signer was drunk, or was >babbling incoherently, such that the intent of the signer was questionable. >Without a radical change of law, this cannot be replaced by a VerifyAndSign >accomplished in the absence of a human being acting as notary. For a number >of reasons, it is likely within the US that human notarizarions will >continue to be required for legal purposes notwithstanding the possibility >of computerized verify and sign operations . I would therefore caution >others not assume that a VerifyAndSign operation will facilitate >notarization techniques. To justify work on such a method, I believe other >potential uses should be identified first. > >---------- Original Message ---------------------------------- >From: "Nick Pope" <pope@secstan.com> >Date: Fri, 24 Oct 2003 10:28:11 +0100 > >>Following the discussion on the <Status> element brings to mind the >>discussion we had a few meetings ago on compound (or what Ed called >>stacked) operations and particularly the ability to support a >>VerifyAndSign operation where a counter signature is applied based on >>whether the original signature is valid. >> >>I believe that such an operation is important in a number of use cases, >>for example, notarisation services. >> >>This was brought up at the F2F meeting and was included in the >>requirements document (3.9). My recollection of the discussion on 22 >>Sept is that the only compound operation that was needed would be >>VerifyAndSign, although I see no record of it in the minutes. >> >>How do we envisage VerifyAndSign being supported in the DSS protocol? >>Is there a way of combining the two request / response structures, or >>do we need to define a specific structure which is this combined operation? >> >>Nick >> >> >> >>To unsubscribe from this mailing list (and be removed from the roster of >the OASIS TC), go to >http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php >. >> >> > >To unsubscribe from this mailing list (and be removed from the roster of the >OASIS TC), go to >http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php >. > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]