dsig

Hi all-

I am new to the xmldigsig list and have a question. I noted on the
XML-Signature site that the working group does not deal with broader XML
security issues, so if you could point me to the right person to ask, I
am grateful.

I am interested in knowing why digital signatures or a third party
digital certificate is at all necessary in transactions where trusted
relationships and identities already exist. An example is a one to one,
long-term relationship in a closed market place. Specifically, when
machine are communicating with other machines (such as in a
time-critical factory floor environment), wouldn't the encumbering
process of digital signatures and verification of information be a
hassle? Do you need a trusted third party to ensure security is machine
to machine interactions?

I would appreciate knowing what groups do look as questions of trust
management systems.

Thank you, Carolyn Sleeth