Subject: [wss] Proof-of-Possession
Please permit me to interrupt. Perhaps this is a little clearer:

"Message senders use signatures in a process that requires knowledge of a secret to access a key. When a key is used, this proves certain claims that have been made in the human-readable text of a security token. This process binds a message sender's identity to the resultant message, as well as any other claims occurring in the security token."

The problem that I have with the description is that the binding of identity to the security claims is not the point of a signature at all. It is a binding of identity to a promise, statement of fact, or other moral endeavor that imbues a signature with its legal power.

John Messing, Chair, eNotary TC
3900 E. Broadway Blvd., Suite 201
Tucson, AZ 85711
(520)547-7933 (v)
(520)547-7920 (f)
jmessing@law-on-line.com

----- Original Message -----
From: "DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>
To: "ronald monzillo" <ronald.monzillo@sun.com>
Cc: "DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>; <wss@lists.oasis-open.org>
Sent: Monday, January 13, 2003 8:51 PM
Subject: RE: [wss] Proof-of-Possession

I tend to agree. The more I study the POP term, the more I get the feeling we can easily rewrite the specification to remove it and make the specs better in the process. As for the example paragraph you are using, here is a go at it with a couple edits:

"Signatures are also used by message senders to demonstrate knowledge of the key used to confirm the claims in a security token and thus to bind their identity (and any other claims occurring in the security token) to the messages they create."

&Thomas.

] -----Original Message-----
] From: ronald monzillo [mailto:ronald.monzillo@sun.com]
] Sent: Monday, January 13, 2003 1:26 PM
] To: ronald monzillo
] Cc: DeMartini, Thomas; wss@lists.oasis-open.org
] Subject: Re: [wss] Proof-of-Possession
]
] >
] > It may be prudent for us to remove the POP term from our specs.
] > For example in response to comment 2, we could rewrite the cited
] > paragraph to the following:
] >
] > Signatures are also used by message senders to demonstrate knowledge
] > of the key claimed in a security token and thus to authenticate or
] > bind their identity (and any other claims occurring in the security
] > token) to the messages they create. A signature created by a message
] > sender to demonstrate knowledge of an authentication key serves to
] > authenticate the signed message content.
]
] Sorry, I forgot that there is at least one other terminology change that
] is likely called for in the cited para.
] That is, it is not really appropriate to use the word "authenticate" on
] the evidence provider side, as authentication is verification done by
] the relying party/receiver.
]
] Signatures are also used by message senders to demonstrate knowledge of
] the key claimed in a security token and thus to bind their identity (and
] any other claims occurring in the security token) to the messages they
] create. A signature created by a message sender to demonstrate knowledge
] of an authentication key serves to establish the sender as the source of
] the signed content.
]
] I realize that "the source the signed content" may be controversial. I
] qualified what the message sender/signer was a source of, realizing that
] the content itself may have originally been from another source, or
] occur as signed content in other signatures.
]
] Ron
]
] >
] > Ron