Beyond identity: Warranty-based digital signature transactions
We distinguish between two types of digital-signature based transactions: identity-based and warranty-granting. In the relatively static (and traditional) offline “identity-based” transaction, a Certification Authority (CA) vouches for validity and veracity of data in a user's certificate. Whereas, in the more dynamic “warranty-granting” case, which we identify in this paper, a third-party entity vouches for a user on a pertransaction basis while considering the user's history and characteristics. Here, we provide a modeling for a warranty-granting transactions system and demonstrate its importance in the banking/financial/commercial setting. Warranty-granting systems can be implemented in one of several configurations based on the type of transaction and which party pays for the service (of acquiring the warranty). We discuss the primary configurations and then give a detailed specification for one of the discussed configurations.
Unable to display preview. Download preview PDF.
- [Froomkin96]A. M. Froomkin, ”The essential role of trusted third parties in electronic commerce”, 75 Oregon L. Rev. 49, 1996. (See also http://www.law.miami.edu/froomkin/articles/trustedno.htm)Google Scholar
- [X509]CCITTRecommendation X.509, ”The directory-authentication framework,” Consultation Committee, International Telephone and Telegraph, International Telecommunications Union, Geneva, 1989.Google Scholar
- [ABA]American Bar Association, ”Draft Digital Signature Guidelines”, Information Security Committee of the Section on Science and Technology, 1996 (Available online: http://www.state.ut.us/ccjj/digsig/dsut-gl.htm)Google Scholar