OASIS Digital Signature Services eXtended (DSS-X) TC

 View Only
  • 1.  encryption examples

    Posted 01-28-2008 13:31
    Hi,
    I added a page on the DSS-X wiki for the encryption profile examples:
    http://wiki.oasis-open.org/dss-x/Clemens
    (more examples will follow).
    
    We should probably comment and discuss directly on that page.
    
    regards,
    Clemens
    
    ps. I didn't manage to activate line numbers and syntax highlighting for the 
    XML source code. (looks like only java and python source code were 
    supported?)
    
    -- 
    Clemens Orthacker  A-SIT, Graz University of Technology
    Inffeldgasse 16a, 8010 Graz, Austria
    Tel: +43 316 873 5512         Web: http://www.a-sit.at/
    


  • 2.  RE: [dss-x] encryption examples

    Posted 01-30-2008 12:51
    Hello Clemens,
    
    I came across a potential use case for an encryption profile: electronic
    tendering (in the context of public procurement in Europe). I'm told
    encryption/decryption services would help solve many practical
    interoperability issues in this domain.  But there is a requirement (in some
    countries) that the content can only be decrypted if all participating key
    owners agree.  This could be done by splitting the generated symmetric key
    in parts, with the various parts encrypted using different keys.  Could your
    profile (be extended to) support this?
    
    Pim
    
    


  • 3.  Re: [dss-x] encryption examples

    Posted 01-30-2008 13:45
    Pim,
    
    Thanks for your comment. In this context we should consider using what is 
    called threshold cryptography schemes, however, I'm not aware of support of 
    such schemes in XMLEnc (I might be wrong, though).
    Basically we could, instead of encrypting the session key for n recipients, 
    encrypt for every of the n recipients a so called 'share' and define an 
    identifier (URN) for the threshold scheme to be used in 
    dss:OptionalInputs/xenc:EncryptionMethod.
    Provided the existence of such an identifier, the encryption profile would 
    support your usecase out of the box.
    
    I will further investigate the issue,
    Clemens
    
    Am Mittwoch, 30. Januar 2008 13:50 schrieben Sie:
    > Hello Clemens,
    >
    > I came across a potential use case for an encryption profile: electronic
    > tendering (in the context of public procurement in Europe). I'm told
    > encryption/decryption services would help solve many practical
    > interoperability issues in this domain.  But there is a requirement (in
    > some countries) that the content can only be decrypted if all participating
    > key owners agree.  This could be done by splitting the generated symmetric
    > key in parts, with the various parts encrypted using different keys.  Could
    > your profile (be extended to) support this?
    >
    > Pim
    >
    > 


  • 4.  DSS services and European Signature law

    Posted 02-05-2008 10:40
    Hello,
     
    I posted a question on DSS and European Signature law on the DSS-Dev list.
    As it is more about the use and context of DSS than about current work of
    the DSS-X TC, I did not want to use the DSS-X TC list although it may be of
    interest to some of you. The message should appear in the archives at
    http://www.oasis-open.org/archives/dss-dev/ soon. 
    
    Pim