News

OASIS Unfurls Standard for Digital Signatures

OASIS has approved a standard for digital signatures using XML. The standard, called Digital Signature Services (DSS) version 1.0, enables the sharing of digital signatures without the use of "complex client software," according to an announcement issued by the organization.

The standard aims to facilitate security in electronic commerce, as well as in Web-based applications. It incorporates existing digital signature standards formulated by the IETF (Internet Engineering Task Force) and ETSI (European Telecommunications Standards Institute).

The DSS standard can make it easier for companies to verify documents because signing keys are maintained on a secure server, rather than being managed individually, according to OASIS' announcement.

"DSS allows sensitive signing keys to be protected by using tamper-proof signing devices and by locating the server in a room with controlled access. Costs are reduced with DSS, because security can be highly localized," explained Nick Pope of Thales eSecurity Ltd. in the announcement. Pope is also co-chair of the OASIS DSS Technical Committee.

The DSS standard describes two XML-based request and response protocols, according to the announcement. One of the protocols is used for signatures and the other is used for verification. The standard supports time-stamping, corporate seals, electronic postmarks and code signing.

The process of verification works using "a range of transport and security bindings," according to OASIS' DSS FAQ. The use of HTTP Post or SOAP over transport layer security is optional.

OASIS, or Organization for the Advancement of Structured Information Standards, is an international nonprofit consortium that advocates for e-business standards.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Shares Coming Windows Server 20H1 Improvements

    Microsoft recently detailed a few improvements coming to the next release of Windows Server, including faster PowerShell performance and a smaller container size.

  • The 2019 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.

  • Microsoft Bringing Teams to Linux in Preview

    A limited preview of the Microsoft Teams app is now available for select Linux desktop operating systems, making it "the first Microsoft 365 app" to run on Linux.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.