RE: xmldsig questions

 Resent-Sender: w3c-ietf-xmldsig-request@w3.org
> Content-Length: 1128
> 
> (snip)
> David, Barbara, others?
> 
It seems to me that this discussion gets beyond of a pure
signature validation. It's sliding into a discusion about
how to ensure the validity of the document for a long time.

In principle this seems to me a good thing. At least, it
should be made clear where one should stop:

- A strictly minimal behaviour is not to treat any 
  assertions/certificats at all. 

- A more advanced version would be to allow to add all
  kinds of "certificates" to be added as unsigned elements
  and leave the interpretation of this up to a verifying 
  entity.

- Another step is to explicitely provide a form to include
  such assertions/certificates also in the signed part of
  a document, thus to allow verifying applications a
  homogenous, and independant way of finding these assertions
  (including recursively signed document).

- Then another last step could be to specify some procedures
  like transforming rules that take this 'security' structure
  of the document as input to verify whether they follow
  some rules. Example: A document needs to be signed at least
  by two directors of a company, they need to include identity
  certificates in the signature and an assertion of a local
  chamber of commerce that the certs are valid and could be
  used in some context, and some assertion of a legal deposit
  service that the content had been shown and archived by some
  well known notary at some time, and so on. 


Just talking about id certificates, thus about CRLs, or OCSP
is just one dimension to get evidences about the validity of
a document. 

Do you verify the signatures on a 200 year old consitution
in order to determine its validity?  How do you determine
the validity of some 1000 year old document? How to you
determine the validity of the contract signed by your
grand-parents for the house you are living in? 
 

Peter Sylvester

Received on Tuesday, 21 December 1999 13:05:30 UTC