Steve> One could establish an entry for a role such as " Vice
President, Sales" with the intent that the private key corresponding
to certificate associated with that role would be made available to
the individual who was the current occupant of that role. ...
The individual who fills the role might
have his own certificate that identifies him merely as an employee of
the company, with no indication of title. An advantage of this scheme
is that it minimizes CRL listings when people change jobs.
Steve> For external purposes, it may suffice to have a document
signed with the private key corresponding to the role of Sales VP,
irrespective of the individual currently occupying that role. The
fact that the current role occupant is capable of using the token to
sign the document may suffice for external business purposes, where
the concern is not so much WHO signed the document but whether the
signer was AUTHORIZED (empowered) to sign on behalf of his company.
Internally, there is usually an accountability requirement that might
be met by having the role occupant ALSO sign the document, so that we
know which Sales VP (serially over time) committed the company on
that money loosing fixed price bid ... Use of multiple signatures on
a document would support this model of doing business.
Steve> Although I recall Mr. Jones not being fond of this model, when
I mentioned it previously, I don't recall any substantive, technical
arguments being put forth.
What continues to baffle me about this thread is that no one has cited
any application where an electronic document signed by a role, as
opposed to a person, could be used. As I have tried to point out before,
signatures are accepted as publicly signifying intent to be bound by
an agreement. So far as I can tell, it takes a person to bind a
corporation, roles have never done so. Now it may be the the legal
system is foolish to demand that people testify as to the truth of
an assertion, but until the legal system changes, the signature of some
abstract role will be of no value that I can imagine. This strikes me
as a solution that has yet to find a problem that it can solve.
There may be a few cases where it would be useful to have an automatic
box sign a document, such as to specify the time it were created. Then we
can say the "The box certifies that the time is ...", but in the case
where the meaning of the document can only be determined by reading the
document, it will take a human being to verify that the document binds
the corporation. By the way, I can imagine a cash register calling a
manufacturer as saying "We have sold 'n' copies of item 'p' and so we
need to be resupplied", but that happens now WITHOUT a signature, so
what I would like to hear about is some real live application where a
signature is required today that could be signed by a role.
What I am really arguing is that there is no legal value to be gained
by signing a document with a role's public key, other than that it
helps to establish the origin of the document. But in that case, the
actual role used to sign the document has little bearing of the status
of the document. Authorization has nothing to do with it. It is of NO
interest to ANYONE outside the corporation whether some individual inside
the corporation was authorized or not, it is only important that the
document can from the corporation and that the receiver has some reason
to believe its validity.
Peace ..Tom