RFC006

TITLE: Digital signatures for DAS/2
Author: Matthew Pocock (mrp@sanger.ac.uk)
Dependencies: None
Version: 1
Date: 15 August 2001

Requirements
------------

DAS data needs to be attributable to a source to be properly QC'ed. With
indirection technologies, such as a DAS-Cache system, DAS-gnutella or
directory services, it becomes more important to validate that documents
are what they claim to be. This should provide some protection against
DAS spam. It would also allow data to be robustly categorized by author
for the sake of searches or for reviewing the quality of an individual
author's work.

Mechanisms
----------

Digital signatures provide a tried-and-tested mechanism for ensuring the
source of some data. Using an XML-aware signing technology (for example,
see [1]), a data provider may optionally choose to sign some or all of
their content. A client would then validate data by means of the
signature.

A single DAS response may be signed by multiple signers, for example by
the original data provider and an intermediate DAS-cache, so that the
entire pathway from provider to consumer can be validated.

Multiple signatures may be used to indicate the server (e.g. ensembl or
wormbase) and the annotation group (the humans or analysis pipelines).
This is a choice of granularity, and one which should be allowed to
evolve as the use-cases become clearer. Potentially, individuals may
publish annotation on multiple servers, in which case the server
certificates would be different, but the individual signature would be
common.

References
----------

1) http://www.ietf.org/html.charters/xmldsig-charter.html
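
The multi-signer validation described under Mechanisms, sketched as an added example (not part of the RFC and not DAS project code). It assumes detached Ed25519 signatures over the raw response bytes from Go's standard library in place of the XML-aware signing of [1]; the signer names, the Signature type and the sample response are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Signature is one detached signature over the raw response bytes (assumed format).
type Signature struct {
	Signer string // name the client looks up in its trust store
	Sig    []byte
}

// Validate requires every signature present to verify and every required signer to have signed.
func Validate(doc []byte, sigs []Signature, trusted map[string]ed25519.PublicKey, required []string) error {
	seen := map[string]bool{}
	for _, s := range sigs {
		pub, known := trusted[s.Signer]
		if !known || !ed25519.Verify(pub, doc, s.Sig) {
			return fmt.Errorf("invalid or untrusted signature from %q", s.Signer)
		}
		seen[s.Signer] = true
	}
	for _, r := range required {
		if !seen[r] {
			return fmt.Errorf("missing signature from %q", r)
		}
	}
	return nil
}

// Demo signs as server, author and cache, then checks intact, tampered and stripped copies.
func Demo() (intact, tampered, stripped error) {
	names := []string{"server:ensembl", "author:example", "cache:das-cache"} // constructed names
	doc := []byte(`<DASGFF><SEGMENT id="1"/></DASGFF>`)                       // constructed response
	trusted, sigs := map[string]ed25519.PublicKey{}, []Signature{}
	for _, n := range names {
		pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
		if err != nil {
			panic(err)
		}
		trusted[n] = pub
		sigs = append(sigs, Signature{n, ed25519.Sign(priv, doc)})
	}
	return Validate(doc, sigs, trusted, names),
		Validate(append([]byte("x"), doc...), sigs, trusted, names), // body altered in transit
		Validate(doc, sigs[:2], trusted, names)                      // cache signature removed
}

func main() { fmt.Println(Demo()) }
```

Rejecting signatures from signers the client does not know is a policy choice made for this example; a client could instead ignore them and enforce only the required list.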