Abstract
Deploying support for digital signatures can be a major headache for any organisation. In many cases signatures are created on behalf of an organisation but may be applied by a constantly changing authorised group of personnel. The need to manage the allocation and certification of the multitude of user keys can be particularly burdensome and difficult to secure. This paper presents an alternative approach to the digital signing, which significantly reduces these headaches, being supported by a number of companies and standardised by OASIS. The OASIS “Digital Signature Services” (DSS) standard specifies the use of a specialised server for the creation and verification of signatures under control of remote clients. Instead of keys having to be held and managed individually, OASIS DSS enables keys and other aspects of the signing service to be managed centrally on a networked server. The OASIS DSS protocol supports a range of signature formats including XML and CMS. It is designed around a basic “Core” set of elements and procedures which can be profiled to support specific uses such as time-stamping (including XML structured timestamps), corporate entity seals, electronic post marks and code signing.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
OASIS Digital Signature Services Technical Committee http://www.oasis-open.orglconmiittees/tc_home.php?wg_abbrev=dss
CMS Advanced Electronic Signatures (CAdES) http://www.etsi.org/services_products/freestandardlhome.htm
XML Advanced Electronic Signatures (XAdES) http://www.etsi.org/services_products/freestandardlhome.htm
Universal Postal Union-Electronic Post Mark http://www.upu.intlnews_centre/documents/enlbrochure_the_electronic_ post_mark_en.pdf
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2006 Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Pope, N., Cruellas, J.C. (2006). Digital Signatures without the Headaches. In: ISSE 2006 — Securing Electronic Busines Processes. Vieweg. https://doi.org/10.1007/978-3-8348-9195-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9195-2_13
Publisher Name: Vieweg
Print ISBN: 978-3-8348-0213-2
Online ISBN: 978-3-8348-9195-2
eBook Packages: Computer ScienceComputer Science (R0)