OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] InfoPath Digital Signature controversy?

[ Lists Home | Date Index | Thread Index ]

>      "Since InfoPath signs the data only, it is extremely easy to add
> things to the user interface after the user has signed, like fine print
> obligating the user to terms and conditions to which the signer did not
> originally agree "

Would you sign an online loan agreement where the fine print -- such as
the late payment fee -- wasn't part of the digital signature?

In the absence of other legal agreement, it would appear that you can only
use Infopath signatures to get content integrity.  Whether or not you see
this as a big issue depends on whether or not you think pure online plays
will not have an "other legal agreement" in place.


Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS