SURFNSIGN - CLIENT SIGNATURES ON WEB DOCUMENTS

The emergence of World Wide Web-based systems and Web transactions has led to the need to find a mechanism that provides electronic signatur e capabilities as a replacement for written signatures. Such a mechani sm should guarantee authentication and nonrepudiation. Many Web applic ations could benefit greatly from such a mechanism, e.g., banking syst ems, tax filing, reservation systems, and corporate procedures. This p aper discusses the various approaches that could be taken to provide s uch a mechanism and suggests a solution that provides client commitmen t on Web documents by means of digital signatures. The architecture an d implementation of the solution, called Surf'N'Sign, is outlined in d etail. Our design of the solution gives special consideration to the s emantics of such a signature and to its proper and secure use on the W eb. Its prototype was implemented at the ISM Haifa Research as a plug- in to the Netscape browser and is integrated naturally into the browsi ng process. It provides a signing mechanism at the client, as well as the capability to archive and preview the signed documents. Surf'N'Sig n lends itself to easy integration with existing applications on the W eb.