W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2001

Re: dsig

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Wed, 13 Jun 2001 15:24:47 -0400
Message-Id: <200106131924.PAA0000055007@torque.pothole.com>
To: Carolyn Sleeth <csleeth@bic.sri.com>
cc: w3c-ietf-xmldsig@w3.org
I would agree that if you had two dedicated trusted machines in a trusted
environment commnicating only with each other, you probably don't need
signatures.

Donald

From:  Carolyn Sleeth <csleeth@bic.sri.com>
Message-ID:  <3B27B06F.7C88AA2A@bic.sri.com>
Date:  Wed, 13 Jun 2001 11:27:00 -0700
To:  Donald Eastlake 3rd <dee3@torque.pothole.com>, w3c-ietf-xmldsig@w3.org,
            reagle@w3.org
References:  <3B266A96.C7DB9A72@torque.pothole.com>

>Hi all-
>
>I am new to the xmldigsig list and have a question. I noted on the
>XML-Signature site that the working group does not deal with broader XML
>security issues, so if you could point me to the right person to ask, I
>am grateful.
>
>I am interested in knowing why digital signatures or a third party
>digital certificate is at all necessary in transactions where trusted
>relationships and identities already exist. An example is a one to one,
>long-term relationship in a closed market place. Specifically, when
>machine are communicating with other machines (such as in a
>time-critical factory floor environment), wouldn't the encumbering
>process of digital signatures and verification of information be a
>hassle? Do you need a trusted third party to ensure security is machine
>to machine interactions?
>
>I would appreciate knowing what groups do look as questions of trust
>management systems.
>
>Thank you, Carolyn Sleeth
Received on Wednesday, 13 June 2001 15:25:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:05 UTC