Abstract
As metadata providers increase in number and diversity, and additional contexts for metadata use are identified, issues of trust, provenance and identity gain in relevance. Use of a publickey infrastructure (PKI) is discussed for digital signature of metadata records, providing evidence of the identity of the signer and the authenticity of the information within the record. Two methods are suggested; firstly, the W3C XML-Signature, and secondly, identification of a minimal set of metadata elements that enable signature verification across various character sets and formats, using the OpenPGP standard. Possible strategies for handling annotation within this infrastructure are suggested. Finally, some use cases are briefly discussed.
The copyright for articles is retained by the author(s), with first publication rights granted to DCMI for publication in the electronic and print proceedings. By virtue of their appearance in this open access publication, articles are free to be used with proper attribution for educational and other non-commercial purposes. Other uses may require the permission of the author(s).