Digital Signatures to support Trust

Ronny BjonesSecurity ArchitectMicrosoft Corporate

www.oasis-open.org

Digital Signatures Scenarios Code Signing Integrity/Trust on a protocol level – many time

invisible Document signing (qualified or not) Form signing Claim-based Applications

Support Trust in Code Code Signing

ActiveX Kernel Drivers .Net Apps

Apps have an identity

Software Restriction Policies

Support Trust in Protocols SSL/TLS Client authentication s/mime signing

IPSec (IKE) Kerberos PKINIT …

Support Trust in Documents Signing contract

Office Signature XPS (XML Paper Specification) - WSIWYS

Patent requests

Support Trust in Workflows XML Signatures (Embedded Signatures)

Document types don’t change in the workflow after signature XAdES

Server side

Support Trust in Authentication & Authorization Claim-based Applications Identity Metasystem Authentication/Authorization become

policy-decisions

QuEST

Qualified Electronic Signatures Tutorial

Demystify Qualified Electronic signatures Best practice/guidance for designing a

Qualified Electronic signature solution

http://tinyurl.com/8428q

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be

interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.