The new OASIS group will work to develop open XML protocols to centrally control and validate digital signatures and provide cryptographic time-stamping services. It will also seek to ensure a presented signature was created within its private key validity timeframe, said Robert Zuccherato, chair of the newly formed OASIS committee.
"We saw a need for standards dealing with signature processing. The W3C has done a lot of good work defining syntax of XML signatures and a lot of management around that, but actual signature processing, creating or verifying signatures, pass and validation around that is a hard problem to solve," said Zuccherato, a research scientist at Entrust.
He said the OASIS Digital Services Technical Committee hopes to have completed work on the new standard within a year. The group's first meeting is scheduled for 2 December.
Companies that have signed up to the Web services digital signature initiative include Entrust, Tibco Software, VeriSign, WebMethods, Iona Technologies and the National Institute of Standards and Technology.
It is possible that the fledgling standard could be affected by other evolving OASIS Web services standard initiatives, such as SAML (Secure Access Markup Language) and WS-Security, Zuccherato added.