Signatures Don't Establish Trust
What do we get with digital signatures alone?
We can establish the integrity of the document
We know the public key of the signer
But...
To trust the information we want to know more: why the signer signed it, who the signer is, and what rules we use to choose whom we trust.
DSig adds Assertions and automatability
signer
believes
statement
about
object
Statement
is machine readable (PICS/RDF syntax)
Jim Miller