OASIS Approves Digital Signature Services Standard
June 28, 2007 // Published as a news service by IHS
| |
| Tools for Engineers |
IHS sells flexible standards collections and robust engineering software to maximize your workflow.
To learn more, and for a free quote, please complete the form below. |
|
The Organization for the Advancement of Structured Information Standards (OASIS) approved Digital Signature Services (DSS) version 1.0 as an OASIS standard.
DSS defines an eXtensible Markup Language (XML) interface to process digital signatures for web services and other applications enabling the sharing of digital signature creation, verification and other associated services, without complex client software and configuration.
DSS describes two XML-based request/response protocols, one for signatures and a second for verification.
Using these protocols, a client can send documents to a server and receive back a signature on the documents; or send documents and a signature to a server and receive back an answer on whether the signature verifies the documents.
"DSS makes it easy to use digital signatures because it lets companies control their signature applications on an organizational basis through a network-based server," said Juan Cruellas of Centre d'aplicacions avanades d'Internet (CANET), co-chair of the OASIS DSS Technical Committee.
"Instead of being managed individually, signing keys are maintained on a secure server with controls that minimize the risk of compromise. Signatures can still be created by authorized individuals, but instead of requiring specialized signing equipment for each person, DSS allows organizations to use their existing authentication mechanisms such as passwords, two factors, biometrics, etc."
DSS supports a range of signature formats including XML and Case Management System (CMS). It is designed around a core set of elements and procedures, which can be profiled to support specific uses such as time-stamping including XML structured time-stamps, corporate entity seals, electronic post marks and code signing.
"A DSS signature secures an organization's documents efficiently and effectively while maintaining accountability down to the individual level," said Nick Pope of Thales eSecurity Ltd., co-chair of the OASIS DSS Technical Committee.
"What's more, DSS allows sensitive signing keys to be protected by using tamper-proof signing devices and by locating the server in a room with controlled access. Costs are reduced with DSS, because security can be highly localized."
The OASIS DSS Technical Committee worked closely with the Universal Postal Union (UPU), an agency of the United Nations, to facilitate the use of DSS within its Electronic Post Mark system (UPU EPM).
"Deploying support for digital signatures can be extremely challenging, especially for large companies. The task of allocating and certifying user keys can be burdensome and difficult to secure," said OASIS president and CEO, Patrick Gannon.
The DSS OASIS Standard was developed by representatives of the American Bar Association, Austria Federal Chancellery, BEA Systems, CATCert-Agencia Catalana de Certificacio, IBM, Nokia, Universal Postal Union and others.
The DSS OASIS Standard and the archives of the OASIS DSS Technical Committee work are publicly accessible. OASIS hosts the dss-dev mailing list for exchanging information on implementing the standard.
Source: Organization for the Advancement of Structured Information Standards (OASIS).