|
Hans,
I gladly take the blame for introducing some
confusion :-)
"Binding" is at least as problematic as "Signature" when entering the O2O-space [1], and as far as I know, there are in SHS no requirements for additional signatures. It has only been mentioned as a possibility. Still SHS is not designed for communicating "trivia". So if one authority adds this, and another adds that as input to an application, the final decision, regardless if carried out by a computer or a human being, is to a very high extent dependent on "authority-stamps". Even when decisions are actually signed by humans, that does not necessarily implicate (due to privacy reasons), that external parties should ever get decisions in the original format, which may be kept "inside" only. BTW, the original format may be in XML, while the "customer" probably has more use of an [authority-signed] PDF. To get some proportions on this, it is sort of
"nice" to know (well...) that "e-sign in US
on-line banks is equivalent to hitting the
OK-button" (a recent citation of an
info-security-department of one of the largest US
banks).
cheers,
Anders 1] bound to an individual or to the organization or both? ----- Original Message ----- From: "Hans Nilsson" <hnn@xxxxxxxxxxxxxx> To: <ietf-pkix@xxxxxxx> Sent: Sunday, December 15, 2002 10:24 Subject: Confusion regarding "Authority-stamp-signatures" Dear all, For SHS, I think the explanation is very simle: the digital signature mechanism is used to provide data integrity and origin authentication for the sending organization, and has nothing to do with binding approval of the document (a.k.a non-repudiation). It's just the electronic counterpart to the paper and its letter-head. In Sweden we now call this "electronic stamp". Once again people (and this time Jimi and Anders are the guilty ones :-) make the direct association from the word "signature" to meaning "willful act" or "non-repudiation", terms which we by now, after many years of discussion, all agree we never will be able to define in technical terms. During the last year, someone (and I dont remember who) said approximately that "the person who in the 70s coined the term "signature" for the mechanism of "RSA-transformation with a private key" made a great disservice to the PKI community, since it ever since then has been a source of great confusion". Could the name of the culprit be hidden in the famous initials DH or RSA? And could the author of the statement above plese make himself visible so I can cite him correctly in the future? Please remember: Digital signature (ouch!) is just a technical mechanism, that can be used for a large variety of services... Hans -----Original Message----- From: owner-ietf-pkix@xxxxxxxxxxxx [mailto:owner-ietf-pkix@xxxxxxxxxxxx] On Behalf Of Anders Rundgren Sent: Saturday, December 14, 2002 6:06 PM To: Jimi Thompson; ietf-pkix@xxxxxxx Subject: Re: e-Government uses "Authority-stamp-signatures" Jimi, >In order to establish non-repudiation, won't you need the signature of >a person and not just proof that the email passed through a specific >server? I hope you can apologize me, but I have a very simplistic way of looking at repudiation of signed messages that goes as follows: - Personal signature: "I haven't sent that message!" - Organization/server-based signature: "WE haven't sent that message!" As not a single such event has so far been publicly documented, it is really all up to pure speculation, but I can't see that the technical processes or the rather unlikely legal processes needed to clear up the two cases above will differ at all. In spite of the literally "eons" of time spent on creating digital signature laws. Well, if there _is_ a difference, I believe that the organization-variant will prove to be easier to resolve, as archiving, user authorization, time-stamping, etc. is built-in into the very core of the architecture of such systems! There are people who believe that the scheme represented by SHS is a "Quick and dirty" solution. I would rather claim that this is a flexible "Mammal" given its unlimited extensibility with respect to PKI, while static schemes like the US Federal PKI seems more related to "Dinosaurs", just waiting for extinction. cheers, Anders |