June 7, 2007 4:39 PM PDT

Digital signatures get Web standards nod

A standards group has completed work on digital signature technology designed to ensure data authenticity between interacting Web servers.

Version 1.0 of the Digital Signature Services standard provides a tamper-proof mechanism to provide electronic timestamps, postmarks or official corporate imprimaturs. Members of the Organization for the Advancement of Structured Information Standards (OASIS) gave the digital signature standard its highest level of ratification, the standard group said Thursday.

OASIS governs many emerging standards in the domain of Web services, a term that refers to sophisticated interactions of different servers over the Internet. With a digital signature Web service, a company could use a separate server to handle the chore rather than building it directly into each application that needed it.

The digital signature standard has two components, one for the signature itself and one for verification of the signature, OASIS said. So, for example, a computer service could send a document to a server to receive a digital signature or send a document and its signature to a server that will verify the document's authenticity.

One organization that has an interest in digital signatures and that worked with OASIS to develop the standard is the Universal Postal Union, a United Nations agency. It's working to incorporate the digital signature standard into its Electronic Post Mark system (UPU EPM), OASIS said.

See more CNET content tagged:
OASIS, digital signature, Web service, signature, document

2 comments

Join the conversation!
Add your comment
Just what the Doctor Ordered
Sounds like just what's needed to break the phishing patterns used recently.

But whether it too is vulnerable to the same sorts of attacks is not yet know.

FWIW
Posted by wbenton (522 comments )
Reply Link Flag
We must be wary of standards
By all accounts, this should be a exciting announcement.

Sadly however after reading the blog at www.klauskorner.com about unethical conduct by members of the United Nations and SAP, I am reminded that standards are only as valuable as the body they are created in and the open, transparent, and ethical behavior of the participants.

This is not a first time event. In 2004, the NY Times wrote an article about unethical behavior by Microsoft and UN/CEFACT members. Barely 3 years later, it seems like deja vue all over again.
Posted by standardsguru (3 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.