OASIS Digital Signature Services eXtended (DSS-X) Technical Committee

The original Call For Participation for this TC may be found at http://lists.oasis-open.org/archives/tc-announce/200706/msg00012.html.

The Charter for this TC was clarified on 31 March 2021. The ballot to approve the clarification can be found at https://www.oasis-open.org/committees/ballot.php?id=3591.

  1. Name of the TC

    OASIS Digital Signature Services eXtended (DSS-X) Technical Committee

  2. Statement of Purpose

    This Technical Committee has as its mandate production of new profiles of the existing OASIS Digital Signature Services core protocol "Digital Signature Service Core Protocols, Elements, and Bindings Version 1.0" and maintenance of this specification and its existing profiles.

    A new major version 2.0 of DSS is necessary due to security issues of version 1.0 and because the market requests both the JSON and the XML format.

    In line with the original charter, this new version with matching profiles will be produced by the TC.

    This further includes promotion of the standard and the creation of material helping dissemination. In general terms, the TC has the goal to facilitate the processing of digital signatures and time stamps in a client server environment.

  3. Scope of Work

    The scope of activity for this TC will be within the following topics:

    • Support of the server-based creation and verification of different types of signatures, among which the most relevant ones are XML Sig and CMS, and timestamps, both RFC 3161 and the XML time-stamps defined by the OASIS Digital Signature Services (DSS) TC.
    • Production of new profiles suitable for a number of environments and purposes, which spread the usage of the specifications.
    • Production of an analysis of inter-relationship among existing profiles in a matrix where new profiles shall state their relationship to existing ones.
    • Production of dissemination material for promoting usage and facilitating tools development.
    • Maintenance of the existing OASIS DSS standard and core protocol "Digital Signature Service Core Protocols, Elements, and Bindings Version 1.0" and related profiles produced by the former OASIS Digital Signature Services Technical Committee, subject to appropriate access to underlying intellectual property.

  4. List of Deliverables and Completion Dates

    Below follows the list of generic deliverables:

    • New DSS Profiles
    • Further Interoperability tests
    • Cross Matrix for existing profiles showing their inter-relationship
    • WSDL definition for the DSS soap bindings
    • Maintenance of "Digital Signature Service Core Protocols, Elements,and Bindings Version 1.0"
    • Maintenance of existing Profiles

    Below follows the list of candidate new profiles:

    • Visible signatures
    • Profile for ebXML
    • Profile for individual reports on every signature verified in multi-signature documents
    • Profile for requesting signed verification responses
    • "baseline" profiles. Profiles for basic functions in support of generation and verification of XML signatures, CMS signatures, XML time-stamps and RFC 3161 time-stamps.
    • Handling of signature & service policy
    • Profile for supporting centralized encryption and decryption services

    This list must not be taken as a closed one: the TC may decide to specify any other additional suitable profile during its lifetime. Additionally the TC may decide to drop one of these candidates if there is not sufficient support.

  5. IPR Mode

    Royalty Free on Limited Terms

  6. Audience

    Anticipated audience or users of the work include:

    • Applications requiring digital signatures
    • Companies requiring centralized electronic signature generation solutions in place (e-Invoice in Europe for instance).
    • Companies offering signing, time stamping and verification as a service (ASP provider).
    • Trusted Service Providers of more or less closed communities offering centralized electronic signatures verification services.
    • Public Administrations launching e-Identity initiatives.
    • Public Administrations and private companies doing Government-Business Electronic Commerce.
    • Public Administrations agencies exchanging signed documents. Participants in Exchange Processes, where signed documents are to be exchanged, archived and/or retrieved.

  7. Language