OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [ebxml-msg] About notary function of intermediaries

Hi Pim,

I took a quick look at the DSS group site and a presentation on it.  
Based on that presentation I think that DSS is more about the  
delegation of security functions. That is somewhat different then the  
notary function I meant. What I can imagine is an intermediairy that,  
like a kind of notary, also sets its signature to indicate the  
validity of the message content. To me that looks different from the  
DSS functionality.

However I think both type of intermediaries can be useful in certain  
scenarios. To me DSS will likely be an internal intermediairy within  
an entity and the notary external between two communicating partners.

During the calls we discussed this kind of functionality and whether  
this should be within the scope of ebMS. As this functionallity looks  
more to be on the business level than on the message level. Maybe its  
better to do this with multi-party collaborations and describe them  
using CPA's if possible.


On 23 okt 2007, at 18:02, Pim van der Eijk wrote:

> Hello Sander,
> A similar concept is being discussed in the OASIS DSS (Digital  
> Signature
> Services) TC [1,2,3]. This builds on an existing DSS concept called
> "signature gateways" [4].
> The most practical way to provide this functionality seems to be a  
> mechanism
> to express the operations that are requested (such as signing, or
> timestamping) as DSS requests, either on a per-message basis or as  
> part of
> the contract between sender, intermediary and (ultimate) recipient.  
> That
> way, ebMS 3.0 part 2 would only need a notation to express the  
> particular
> DSS operation requested and the message parts that the operation  
> relates to,
> on a per message basis or per contract. Products that implement ebMS  
> 3.0
> could provide the functionality by leveraging third party emerging DSS
> products, which provide very rich functionality.
> The idea of the intermediary acting as trusted audit trail of message
> exchanges is in OSCI 1.2 [5], which has a concept called  
> "recording".  OSCI
> intermediaries can keep "process cards" that have timestamped  
> records of
> when messages were received, forwarded, acknowledged.  There is a  
> protocol
> for retrieving these process cards from the intermediary.
> Pim
> [1]
> http://www.oasis-open.org/committees/download.php/25293/EbXML-dss-requiremen
> ts.doc
> [2] http://lists.oasis-open.org/archives/dss-x/200710/msg00031.html
> [3] http://lists.oasis-open.org/archives/dss-x/200710/msg00041.html
> [4]
> http://docs.oasis-open.org/dss/v1.0/oasis-dss-profiles-SignatureGateway-spec
> -v1.0-os.html
> [5]
> http://www1.osci.de/sixcms/media.php/13/osci-specification_1_2_english.pdf
> -----Original Message-----
> From: Sander Fieten [mailto:sander@fieten-it.com]
> Sent: 23 October 2007 13:27
> To: ebxml-msg@lists.oasis-open.org
> Subject: [ebxml-msg] About notary function of intermediaries
> As discussed during the last call I think a usefull function or role  
> of
> intermedairy could be that of a notary. That is, it signs a payload  
> received
> from party A and then sends it on to party B. By signing the payload  
> the
> intermedairy confirms the payload as valid/ true, like a notary does  
> in the
> real world. As such a document is regularly required by law it might  
> be a
> usefull function in a messaging environment.
> Regards,
> Sander
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs  
> in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]