Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=6503695
The Oasis standards group formed a new technical committee Thursday to develop XML protocols for digital signatures and cryptographic time stamping in a Web-services transaction.
Oasis has become a font of XML standards, housing specs ranging from ebXML to WS-Security to SAML. Its latest work, somewhat surprisingly, appears to overlap work being done at the World Wide Web Consortium on XML digital signatures. However, the W3C's work is on baseline XML standards such as XML Signatures and XML Encryption, both of which will ultimately play a role in the new Oasis standards, says Karl Best, director of technical operations for Oasis.
The Oasis digital-signature standard will be more application-oriented and focus specifically on the use of the technology within a Web-services context, the group says.
Vendors participating in the new technical committee include Entrust, Iona, NIST, Tibco, VeriSign, and webMethods.
The work of the new Oasis Digital Signature Services Technical Committee will enable Web services to produce and verify digital signatures and provide techniques for proving that a given signature was created within its private key validity period.
Delivering not just a digital signature but one with an accurate time stamp will be an important security provision in machine-to-machine Web-services transactions.