OASIS Digital Signature Services (DSS) TC
Defining an XML interface to process digital signatures for Web services and other applications
Table of Contents
- TC Overview
- Technical Work Produced by the Committee
- External Resources
- Mailing Lists and Comments
- Additional Information
DSS v1.0 has been now been fully ratified as OASIS Specifications.
The DSS OASIS Specifications are available below. This consists:
- Digital Signature Service Core Protocols, Elements, and Bindings
and the following profiles of the OASIS Digital Signature Services:
- XML Timestamping Profile
- Signature Gateway Profile
- German Signature Law Profile
- Entity Seal Profile
- Electronic PostMark (EPM) Profile
- Abstract Code-Signing Profile
- J2ME Code-Signing Profile
- Asynchronous Processing Abstract Profile
- Advanced Electronic Signature Profiles
Interoperability tests have been carried out by members of the DSS TC to prove the operation of the DSS.
For an overview of DSS see DSS Specifications Overview below.
The OASIS Digital Signature Services (DSS) TC will develop techniques to support the processing of digital signatures. This includes defining an interface for requesting that a web service produce and/or verify a digital signature on a given piece of data and techniques for proving that a signature was created within its key validity period.
The Digital Signature Services (DSS) specifications describe two XML-based request/response protocols – a signing protocol and a verifying protocol. Through these protocols a client can send documents to a server and receive back a signature on the documents; or send documents and a signature to a server, and receive back an answer on whether the signature verifies the documents. The DSS Core specifications provide the basic protocols and elements which are adapted to support specific use cases in the DSS profiles.
A paper submitted to the EEMA ISSE 2006 conference describing DSS is available (courtesy of EEMA) EEMA ISSE paper on DSS.
An overview of the DSS specifications is available DSS Overview
The OASIS DSS TC has carried out a set of interoperability tests for assessing the worthiness of the specifications being developed, and the feasibility of easily getting interoperable implementations from them. A document has been produced that defines and describes a number of relevant test cases for the specifications. Its contents may benefit implementors of the DSS specifications.
Latest version of the aforementioned document may be found at: http://www.oasis-open.org/committees/download.php/20508/oasis-dss-1.0-interop-wd-07.doc.
Members of the TC, which have developed independent implementations of the specifications, have successfully participated in these interoperability tests.
The DSS Core specification provide the basic protocols and elements which are
adapted to support specific use cases in the DSS profiles.
The following profiles are released with this version 1.0 of DSS:
Although not produced by the OASIS DSS TC, the following information offers useful insights into its work.
Members Work to Develop Digital Signature and Timestamping Protocols:
Entrust, IONA, NIST, webMethods, TIBCO, Verisign, and Others
Collaborate on Security Standard to Accelerate Web Services Deployment
OASIS News, 24 Oct 2002
The DSS Technical Committee currently reviewing its future activities.
For technical assistance regarding this OASIS TC web page, contact firstname.lastname@example.org.
Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.