[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Re: Indication of Intent / Commitment type
> -----Original Message----- > From: jmessing [mailto:jmessing@law-on-line.com] > Sent: 09 March 2004 14:51 > To: Dallas Powell; OASIS DSS TC; Nick Pope > Subject: RE: [dss] Re: Indication of Intent / Commitment type > > > Please see inline comments. ..snip > <jm> > In a dss, the username/password can be leveraged into a digital > signature by having a method by which a server recognizes a use > from the username/password and digitally signs on the user's > behalf, either by employing the server's key (XKI type of > process) or a key maintained on the server for use by the client > (XKMS type of process). One way to do this is to have a third > party authenticate the user with the username/password and > digitally sign an authentication assertion (SAML) which the > signature server recognizes. > </jm> We may need to await WSS support for SAML tokens before we could use this in DSS for authentication. > >> Another issue that I need addressed in the CommitmentType is > whether the > >> intent of the signature is to approve of the content of a given > >> document or > >> to certify the validity of another signature and have no > liability of the > >> content of the document. > >> > <jm>I think this could be part of a profile within the > above-described architecture. Nick, Paul Madsen's abstracting > profile sufficient to cover both the XKI and XKMS examples? > </jm> Yes - my understanding that this profile is neutral to the type of key used. Nick
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]