Mailing list home
  Find posts   Help

Latest messageRecent messages

In this thread:
 First
 Prev
 Next
 See whole thread
By msg id:
 Prev: 30 Apr 2003 12:01
 Next: 30 Apr 2003 22:51

Other threads:
 Prev: =?iso-8859-2?Q?Yahoo=20maps?=
 Next: Some nice Water like gfx effects that coul

Same author:
 Prev: 30 Apr 2003 14:32
 Next: 6 May 2003 21:03

 Random message

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
27-Jul 0:49 UTC
[0.061] 10.377k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] Re: rebol and electronic-signature ...

From: petr::krenzelok::trz::cz at: 30-Apr-2003 19:52


Ladislav Mecir wrote:


>Hi Pekr,
>
>>simple question - for e-business automation purposes, our law allows to
>>replace paper invoices by electronically delivered once, but such data
>>has to be electronically signed (hopefully not encrypted). So I would
>>like to ask, if Rebol/Command is able to somehow investigate the
>>certificate, check it and to send electronically signed documents.
>>
>>I am not sure I understand the issue correctly, but am I correct that
>>electronic signature is "just" public key file attached to the end of
>>the email?
>>
>>
>

>According to the czech law the electronic signature isn't "just" a public key file attached 
to the end of the email. To be recognized as an electronic signature, it has to be registered.
>

yes .... I am now pressed for the time, so I haven't read all the
answers properly yet, but it works as follows:

- there is so called Certification Authority - independent, trusted
party, which you ask for generating you a certificate
- let's say your company wants to send me e-signed invoice - you tell me
what CA you use, and I have to install their Certificate
- you send me e-signed (beware - e-signed does not necessarily mena
encrypted) stuff
- I extract key from the message body and check against installed CA, if
you are valid partner to deal with

1) here you can imput your e-mail adress, and CA Czechia will send you
an example email - you can look at message source in your favourite
mailer. In Mozilla and Outlook, you will find special icon, which will
enable you to see certificate tree -
http://www.caczechia.cz/ca/poslatmail.asp

2) and here you can see ROOT CA Czechia Certificate, CA Czechia
certificate - http://www.caczechia.cz/ca/cacert.asp
try following link -

print read http://www.caczechia.cz/ca/caczechiaroot.cer

and try to press it as a link from your browser - as you can probably
see - browsers know how to parse it - you will be able to accept it and
see its structure. I called Czechia Tech support and they told me
OpenSSL was used + some OS services or so. Now the question is - if
browsers know how to parse it into structure, why Command can't? Maybe
that is exactly what Command docs note is about - it can handle
certificates internally, but does not expose the info .... in such case
though, Command misses one fine area of possible usage - apps for
e-signed communication ...

... or am I still missing something? :-)

Cheers,
-pekr-

1 · 2 · 3 · 4 · 5 · 6 · [7] · 8 · See whole thread