Signing Policies successfully presented at What The Hack

Our presentation at the What The Hack conference was a success. The idea behind our signing policy project was considered an important step forward for applications of digital signing.

About 60 attendees took part in our discussion, in which we explained our view that:

  1. Of the two popular signing systems, PGP and X.509 ("SSL certificate"), PGP in particular is structured to suit business reality;
  2. When asking customers to sign online, the least trouble is to be expected when they sign plain ASCII text from within their mail tool, rather than HTML from within their browsers;
  3. Neither signing system currently provides the certainty needed for commercial activities;
  4. Existing signing systems would benefit from using signing policies drawn from a centrally operated set of such policies;
  5. Our proposal for signing policies in URN form, usable in X.509 as well as PGP and XML Signing, would help repair this lack of certainty;
  6. OpenFortress is working on code for this proposal; we plan to release an open source library implementation. We have a strong preference to define all this through an IETF standard, but have so far not gathered the support needed to realise that.

Our slides and position paper tell the rest of our story. See our previous announcement if you like.

We welcome your comments on these documents at signpolicy@openfortress.nl, or as updates by following the link below.

Posted on Mon, 01 Aug 2005, 11:48.


 