Digital signatures get Web standards nod

OASIS standards group ratifies a tamper-proof method for handling electronic timestamps, postmarks or official corporate imprimaturs.

A standards group has completed work on digital signature technology designed to ensure data authenticity between interacting Web servers.

Version 1.0 of the Digital Signature Services standard provides a tamper-proof mechanism to provide electronic timestamps, postmarks or official corporate imprimaturs. Members of the Organization for the Advancement of Structured Information Standards (OASIS) gave the digital signature standard its highest level of ratification, the standard group said Thursday.

OASIS governs many emerging standards in the domain of Web services, a term that refers to sophisticated interactions of different servers over the Internet. With a digital signature Web service, a company could use a separate server to handle the chore rather than building it directly into each application that needed it.

The digital signature standard has two components, one for the signature itself and one for verification of the signature, OASIS said. So, for example, a computer service could send a document to a server to receive a digital signature or send a document and its signature to a server that will verify the document's authenticity.

One organization that has an interest in digital signatures and that worked with OASIS to develop the standard is the Universal Postal Union, a United Nations agency. It's working to incorporate the digital signature standard into its Electronic Post Mark system (UPU EPM), OASIS said.

Featured Video