News

OASIS Unfurls Standard for Digital Signatures

OASIS has approved a standard for digital signatures using XML. The standard, called Digital Signature Services (DSS) version 1.0, enables the sharing of digital signatures without the use of "complex client software," according to an announcement issued by the organization.

The standard aims to facilitate security in electronic commerce, as well as in Web-based applications. It incorporates existing digital signature standards formulated by the IETF (Internet Engineering Task Force) and ETSI (European Telecommunications Standards Institute).

The DSS standard can make it easier for companies to verify documents because signing keys are maintained on a secure server, rather than being managed individually, according to OASIS' announcement.

"DSS allows sensitive signing keys to be protected by using tamper-proof signing devices and by locating the server in a room with controlled access. Costs are reduced with DSS, because security can be highly localized," explained Nick Pope of Thales eSecurity Ltd. in the announcement. Pope is also co-chair of the OASIS DSS Technical Committee.

The DSS standard describes two XML-based request and response protocols, according to the announcement. One of the protocols is used for signatures and the other is used for verification. The standard supports time-stamping, corporate seals, electronic postmarks and code signing.

The process of verification works using "a range of transport and security bindings," according to OASIS' DSS FAQ. The use of HTTP Post or SOAP over transport layer security is optional.

OASIS, or Organization for the Advancement of Structured Information Standards, is an international nonprofit consortium that advocates for e-business standards.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.