- From: John Boyer <jboyer@uwi.com>
- Date: Fri, 22 Oct 1999 14:46:33 -0700
- To: "DSig Group" <w3c-ietf-xmldsig@w3.org>
"Signer authentication: To provide good evidence of who participated in a transaction, a signature should indicate by whom a document or message is signed and be difficult for any other person to produce without authorization" [1, p. 8]. With respect to assymmetric cryptosystems, "Signer authentication: If a public and private key pair is associated with an identified signer as described below [document goes on to describe certificates and CAs], a digital signature by the private key effectively identifies the signer with the message. The digital signature cannot be forged by a person other than the proper signer, unless the proper signer loses control of the private key..." [1, p.10]. [1] M. Baum & R. Schwartz. (Eds.) Digital Signature Guidelines: Legal Infrastructure for Certification Authorities and Secure Electronic Commerce. American Bar Association, Section of Science and Technology, 1996. Available at: http://www.abanet.org/scitech/ec/isc/dsgfree.html John Boyer Software Development Manager UWI.Com -- The Internet Forms Company
Received on Friday, 22 October 1999 17:46:26 UTC