International nonprofit consortium that advocates for e-business standards, the Organization for the Advancement of Structured Information Standards (OASIS), recently approved
a standard for digital signatures. Version 1.0 of the Digital Signature Services standards intends to increase security in services such as electronic commerce and Web-based applications, by providing a secure mechanism to exchange electronic time-stamps, corporate seals, electronic postmarks and code signing.
"DSS allows sensitive signing keys to be protected by using tamper-proof signing devices and by locating the server in a room with controlled access. Costs are reduced with DSS, because security can be highly localized," explained Nick Pope of Thales eSecurity Ltd. in the announcement.
The standard describes two XML-based request and response protocols, one is used for signatures and the other is used for verification. With the continued growth of electronic commerce, new security mechanisms are always favorable. Currently the Universal Postal Union, a United Nations agency is working to incorporate the digital signature standard into its Electronic Post Mark system, according to OASIS.