OASIS Mailing List Archives


Subject: [wss] Proof-of-Possession


Please permit me to interrupt. Perhaps this is a little clearer:

"Message senders use signatures in a process that requires knowledge of a secret to access a key. When a key is used, this proves certain claims that have been made in the human-readable text of a security token. This process binds a message sender's identity to the resultant message, as well as any other claims occurring in the security token."

The problem that I have with the description is that the binding of identity to the security claims is not the point of a signature at all. It is a binding of identity to a promise, statement of fact, or other moral endeavor that imbues a signature with its legal power. 

John Messing, 
Chair, eNotary TC
3900 E. Broadway Blvd., Suite 201
Tucson, AZ 85711
(520)547-7933 (v)
(520)547-7920 (f)
jmessing@law-on-line.com

----- Original Message ----- 
From: "DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>
To: "ronald monzillo" <ronald.monzillo@sun.com>
Cc: "DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM>; <wss@lists.oasis-open.org>
Sent: Monday, January 13, 2003 8:51 PM
Subject: RE: [wss] Proof-of-Possession


I tend to agree.  The more I study the POP term, the more I get the
feeling we can easily rewrite the specification to remove it and make
the specs better in the process.

As for the example paragraph you are using, here is a go at it with a
couple edits:

"Signatures are also used by message senders to demonstrate knowledge of
the key used to confirm the claims in a security token and thus to bind
their identity (and any other claims occurring in the security token) to
the messages they create."

&Thomas.

] -----Original Message-----
] From: ronald monzillo [mailto:ronald.monzillo@sun.com]
] Sent: Monday, January 13, 2003 1:26 PM
] To: ronald monzillo
] Cc: DeMartini, Thomas; wss@lists.oasis-open.org
] Subject: Re: [wss] Proof-of-Possession
] 
] >
] > It may be prudent for us to remove the POP term from our specs.
] > For example in response to comment 2, we could rewrite the cited
] > paragraph to the following:
] >
] > Signatures are also used by message senders to demonstrate knowledge
] > of the key claimed in a security token and thus to authenticate or
] > bind their identity (and any other claims occurring in the security
] > token) to the messages they create. A signature created by a message
] > sender to demonstrate knowledge of an authentication key serves to
] > authenticate the signed message content.
] 
] 
] Sorry, I forgot that there is at least one other terminology change
] that is likely called for in the cited para.
] That is, it is not really appropriate to use the word "authenticate"
] on the evidence provider side, as authentication is verification done
] by the relying party/receiver.
] 
] Signatures are also used by message senders to demonstrate knowledge
] of the key claimed in a security token and thus to bind their identity
] (and any other claims occurring in the security token) to the messages
] they create. A signature created by a message sender to demonstrate
] knowledge of an authentication key serves to establish the sender as
] the source of the signed content.
] 
] I realize that "the source of the signed content" may be controversial.
] I qualified what the message sender/signer was a source of, realizing
] that the content itself may have originally been from another source,
] or occur as signed content in other signatures.
] 
] Ron
] 
] 
] 
] >
] >
] > Ron
] 

