Talk:Digital signature: Difference between revisions
Jump to navigation
Jump to search
imported>Howard C. Berkowitz (→Authentication: new section) |
imported>Sandy Harris |
||
Line 6: | Line 6: | ||
Again, you method will work, but I try to add features that can add a human as well as a pure crypto check. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 14:01, 10 November 2008 (UTC) | Again, you method will work, but I try to add features that can add a human as well as a pure crypto check. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 14:01, 10 November 2008 (UTC) | ||
: Yes, once you have the basic method, you can add other things. Use digital signatures to build either a PKI structure or a PGP-type "web of trust", put them in certificates, sign time stamps, or archived copies, build signature mechanisms that require a majority of keyholders to sign something, ... All those could be added in later sections, and should certainly at least be linked to. Other issues like the legal status of digital signatures also need discussion. | |||
: But I think the introduction needs more-or-less exactly what is there, a description of the signature mechanism itself. Maybe some elaboration on what a hash and a public key cryptosystem are, and what they bring to this party, but no other complications in the overview. [[User:Sandy Harris|Sandy Harris]] 11:35, 11 November 2008 (UTC) | |||
== Authentication == | == Authentication == | ||
Should it be established that the signer should have first authenticated with at least two factors? [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 14:07, 10 November 2008 (UTC) | Should it be established that the signer should have first authenticated with at least two factors? [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 14:07, 10 November 2008 (UTC) |
Revision as of 05:35, 11 November 2008
A point I've seen both ways
What you describe will work, but there's an additional potential check. In the body of the message hashed by the sender can be, minimally, some plain text, and preferably, a "inner signed signature", or ideally inner signature and trusted time stamp, also signed by a trusted third party.
Again, you method will work, but I try to add features that can add a human as well as a pure crypto check. Howard C. Berkowitz 14:01, 10 November 2008 (UTC)
- Yes, once you have the basic method, you can add other things. Use digital signatures to build either a PKI structure or a PGP-type "web of trust", put them in certificates, sign time stamps, or archived copies, build signature mechanisms that require a majority of keyholders to sign something, ... All those could be added in later sections, and should certainly at least be linked to. Other issues like the legal status of digital signatures also need discussion.
- But I think the introduction needs more-or-less exactly what is there, a description of the signature mechanism itself. Maybe some elaboration on what a hash and a public key cryptosystem are, and what they bring to this party, but no other complications in the overview. Sandy Harris 11:35, 11 November 2008 (UTC)
Authentication
Should it be established that the signer should have first authenticated with at least two factors? Howard C. Berkowitz 14:07, 10 November 2008 (UTC)