[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Approach to code-signing profile
Hi Nick
Without getting to philosophical about it, I would prefer to separate the request for a signature from the ownership of the key. Ownership tends to be a business relationship as opposed to a request/response protocol which is easy to define. In other words, I think both scenarios need to be supported by the profile.
Cheers
Pieter
-----Original Message-----
From: Nick Pope [SMTP:pope@secstan.com]
Sent: 20 January 2004 16:12
To: Pieter Kasselman; dss@lists.oasis-open.org
Subject: RE: [dss] Approach to code-signing profile
Pieter,
With the code signing profiles do you expect that the model will be the signing on behalf of the requestor using a key belonging to the server, or would it be the signing key would be specific to the requestor?
Nick
-----Original Message-----
From: Pieter Kasselman [mailto:PKasselman@betrusted.com]
Sent: 20 January 2004 11:11
To: dss@lists.oasis-open.org
Subject: [dss] Approach to code-signing profile
Hi, here is an outline on the approach to the code-signing profile.
<<oasis-dss--csprofile-dicussion-01.doc>>
Cheers
Pieter
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]