[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Re: Indication of Intent / Commitment type
Dallas, If the commitment is to be linked to the key used then "signature policy" may be the appropriate tool. The signature policy is a set of rules on the keys / validatity of a signature with a commitment type. Paul Madsen of Entrust is working on a "abstract" profiling module that may be used with e-seals to support this. A structure for defining signature policies is defined in http://www.faqs.org/rfcs/rfc3125.html. Nick > -----Original Message----- > From: Dallas Powell [mailto:dpowell@tybera.com] > Sent: 08 March 2004 21:27 > To: OASIS DSS TC > Subject: [dss] Re: Indication of Intent / Commitment type > > > I think that the CommitmentType could by adequate to represent what I am > interested in. However, just to clarify what is behind by comment: > > It is my opinion that keys should have different purposes, intents, and > perhaps they can even have different levels of security that are > required to > protect the keys. The need to insure the validity of a signature on a > document that an attorney submits to a court carries less weight than a > signature on a judgement from a judge sending someone to jail for life. > > Some keys can have specific purposes, for example, when an > attorney submits > a document to the court, he may have a key issued where the only intent of > that key is for signing documents that are sent to a specific court. New > Jersey is a good example of this. The courts have established > their own PKI > for the sole purpose of allowing the attorneys to sign documents submitted > to the New Jersey Courts. The policies that protect these keys > is limited. > > Many courts are moving away from signatures due to the complexities of key > management and training. Yet at the same time, I desire to use the same > CommitmentType structure into a legalXML document for courts > that recognize > a login/password as a replacement for signatures. Can this be part of the > structure? > > Another issue that I need addressed in the CommitmentType is whether the > intent of the signature is to approve of the content of a given > document or > to certify the validity of another signature and have no liability of the > content of the document. > > Dallas > > ----- Original Message ----- > From: "Nick Pope" <pope@secstan.com> > To: "OASIS DSS TC" <dss@lists.oasis-open.org> > Cc: "Dallas Powell" <dpowell@tybera.com> > Sent: Monday, March 08, 2004 11:57 AM > Subject: Indication of Intent / Commitment type > > > > Dallas, Ed, DSS members, > > > > Dallas - You had suggested the Indication of Intent as a > parameter of the > > proposed Entity Seal profile. At the discussion today there was the > > suggestion that the XAdES CommitmentType property was appropriate. This > has > > similar semantics is also more controlled in that the semantics needs to > be > > registered through an object identifier. > > > > There was also the suggestion that the CommitmentType was more > appriately > > part of the general "Signature Policy" which can bring together > properties > > and parameters of the signature (e.g. algorithms & key size) with a > > commitment type. > > > > It was questioned whether this area was premature for standardisation. > > > > Ed - You mentioend an earlier discussion on this topic. I couldn't find > > anything specific around this area. Only reference to > Commitment type was > > in a message dated: Wed 14/05/2003 13:44 which was around the > relationship > > between core and profile. Can you help? > > > > DSS Members - Do I represent the discussion correctly? Any further > > thoughts? > > > > Nick > > > > > > > To unsubscribe from this mailing list (and be removed from the > roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_wor > kgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]