
Re: WG LAST CALL: draft-ietf-ltans-reqs-02.txt



Peter Sylvester wrote:

> During a telephone call Denis informed me that he had missed the 
> following message. For convenience (of Denis), I resend it. Sorry to
> bother the others again with the content. :-)
> 
> Peter
...
>> In fact the main constituents of an archive policy still need to be
>> defined. The following comments focus on one of the components of
>> an archiving policy, i.e. the cryptographic maintenance policy, so
>> the work still needs to be done.

The technical problem of maintaining the security status as it was at
the time of deposit is that algorithms become weaker and that
certificates binding a service or name to a public key may go
out-of-date. The service provider can stop her operation after the
latest NotAfter indication of all issued certificates is over and then
you lose the outside trust anchor of the archive.

So it is not document specific, but you must be able to determine
starting from the document which service-specific policy was active as
the document was deposited.

Certainly we can consider different possibilities for maintenance but
first we must think on crypto solutions.

Regards,
Ernst.