[REBOL] Re: rebol and electronic-signature ...
From: petr::krenzelok::trz::cz at: 30-Apr-2003 19:52
Ladislav Mecir wrote:
>Hi Pekr,
>
>>simple question - for e-business automation purposes, our law allows to
>>replace paper invoices by electronically delivered once, but such data
>>has to be electronically signed (hopefully not encrypted). So I would
>>like to ask, if Rebol/Command is able to somehow investigate the
>>certificate, check it and to send electronically signed documents.
>>
>>I am not sure I understand the issue correctly, but am I correct that
>>electronic signature is "just" public key file attached to the end of
>>the email?
>>
>>
>
>According to the czech law the electronic signature isn't "just" a public key file attached
to the end of the email. To be recognized as an electronic signature, it has to be registered.
>
yes .... I am now pressed for the time, so I haven't read all the
answers properly yet, but it works as follows:
- there is so called Certification Authority - independent, trusted
party, which you ask for generating you a certificate
- let's say your company wants to send me e-signed invoice - you tell me
what CA you use, and I have to install their Certificate
- you send me e-signed (beware - e-signed does not necessarily mena
encrypted) stuff
- I extract key from the message body and check against installed CA, if
you are valid partner to deal with
1) here you can imput your e-mail adress, and CA Czechia will send you
an example email - you can look at message source in your favourite
mailer. In Mozilla and Outlook, you will find special icon, which will
enable you to see certificate tree -
http://www.caczechia.cz/ca/poslatmail.asp
2) and here you can see ROOT CA Czechia Certificate, CA Czechia
certificate - http://www.caczechia.cz/ca/cacert.asp
try following link -
print read http://www.caczechia.cz/ca/caczechiaroot.cer
and try to press it as a link from your browser - as you can probably
see - browsers know how to parse it - you will be able to accept it and
see its structure. I called Czechia Tech support and they told me
OpenSSL was used + some OS services or so. Now the question is - if
browsers know how to parse it into structure, why Command can't? Maybe
that is exactly what Command docs note is about - it can handle
certificates internally, but does not expose the info .... in such case
though, Command misses one fine area of possible usage - apps for
e-signed communication ...
... or am I still missing something? :-)
Cheers,
-pekr-