[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-msg] Investigation Required: Trusted Timestamp
Add to the mix the OASIS Digital Signature Services TC, which has as part of its charter: "[T]he TC will develop an XML-based protocol to produce cryptographic time stamps that can be used for determing whether or not a signature was created within the associated key's validity period or before revocation. This is required as part of the signature verification algorithm." Such a protocol is outside our scope, but presumably they have defined a signed timestamp element that could be inserted into a message. Does ebMS have a delegate to the Security Joint Committee? We might poll them to get opinions on this. --Pete Thus spoke Dale Moberg (dmoberg@cyclonecommerce.com) on Thu, May 20, 2004 at 09:00:17AM -0700: > I have looked at Internet X.509 Public Key Infrastructure Time-Stamp > Protocol (TSP) > http://www.ietf.org/rfc/rfc3161.txt > > But I haven't seen anyone saying how or whether SOAP based > communications makes use of > (or more likely reinvents) the above service. > > WSS does have a time stamp element, but I don't think it is geared to > provide independent assurance that data existed before a given time like > RFC 3161 does. > > Should we reference RFC 3161? Maybe ask WSS TC if they plan on taking > this topic up sometime? > Anyway I don't think there is any standard that has a lot of traction > yet. Google showed that > there could be some products out there that provide RFC 3161 support. > > > -----Original Message----- > From: Matthew MacKenzie [mailto:mattm@adobe.com] > Sent: Thursday, May 20, 2004 6:04 AM > To: ebxml-msg@lists.oasis-open.org > Subject: [ebxml-msg] Investigation Required: Trusted Timestamp > > > 2.0 says: > > > "At the time of this specification, services offering trusted timestamp > capabilities are becoming available. Once these become more widely > available, and a standard has been defined for their use and expression, > these standards, technologies and services will be evaluated and > considered for use in later versions of this specification." > > > 3.0 should say: > > ? -- Pete Wenzel <pete@seebeyond.com> Senior Architect, SeeBeyond Standards & Product Strategy +1-626-471-6311 (US-Pacific)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]