News

OASIS group to develop digital signature standards

The Organisation for the Advancement of Structured Information Standards has set up a new group, the OASIS Digital Signature Services Technical Committee, to develop simplified digital signature processing standards for Web services environments.

The new OASIS group will work to develop open XML protocols to centrally control and validate digital signatures and provide cryptographic time-stamping services. It will also seek to ensure a presented signature was created within its private key validity timeframe, said Robert Zuccherato, chair of the newly formed OASIS committee.

"We saw a need for standards dealing with signature processing. The W3C has done a lot of good work defining syntax of XML signatures and a lot of management around that, but actual signature processing, creating or verifying signatures, pass and validation around that is a hard problem to solve," said Zuccherato, a research scientist at Entrust.

He said the OASIS Digital Services Technical Committee hopes to have completed work on the new standard within a year. The group's first meeting is scheduled for 2 December.

Companies that have signed up to the Web services digital signature initiative include Entrust, Tibco Software, VeriSign, WebMethods, Iona Technologies and the National Institute of Standards and Technology.

It is possible that the fledgling standard could be affected by other evolving OASIS Web services standard initiatives, such as SAML (Secure Access Markup Language) and WS-Security, Zuccherato added.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy