[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] JPMorgan/RSA message
At 08:24 PM 10/17/2004 +0100, Nick Pope wrote: >Glen, > >Your input are very useful in bringing in a fresh perspective on what we are >doing in DSS. > >Firstly, can I check that I have a proper understanding of the operation of >the PSTP protocol. Is the private key used to protect the symmetric keys >(referred to as Ke) loaded up to the client system within the Applet / >Active X code, or loaded separately into the client system by some other >means? In the example, Ke was the public key. >Secondly, I like the idea of the Signature Gateway profile. I can see this >have a wide number of uses, taking a signature, adding information on its >validity and applying a second signature. Yeah, this is another example of Verify-then-Sign (use Verify protocol, with the <ReturnUpdatedSignature> option). >Do I understand the proposed operation of the Secure Gateway is an in-line >message service. Would this be using SOAP or similar protocol? The DSS >currently operates on a request / response with the response going back to >the original client. Yeah, we need to drill into this more (where exactly DSS fits in an inline Signature Gateway). Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]