Re: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks
> -----Original Message-----
> From: owner-ietf-ltans@xxxxxxxxxxxx [mailto:owner-ietf-ltans@xxxxxxxxxxxx]
> On behalf of HOUSSIER Loic RD-MAPS-ISS
> Sent: Monday, 13 December 2004 16:32
> To: ietf-ltans@xxxxxxx
> Subject: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks
>
>
> Hello,
> I am pretty new to ltans subjects.
> I read the Requirements draft and have some questions. Don't worry if some
> look stupid, please let me know if it's the case.
>
Welcome. Your questions are not new, but not stupid.
>
>
> §4.1.1
> You talk about "acknowledgment" that has to be provided by an LTA.
> I think these must be signed by the LTA in order to give the submitter
> evidence that he sent data to the LTA.
> What is the need of unsigned acknowledgment?
In an inhouse environment LTA is a service for an application system. E.g.
inhouse environment is a hospital, LTA is document management or archive
system and application system is a medical system used for generation of
medical documents and signing them by doctors.
In this case only evidence records are needed to verify, that archived
documents existed at a certain point in past - e.g. before signature and
hash-algorithms used in it got weak or certificates in it were revoked.
Acknowledgement is useful to have an indication, that storing was accepted
and successful. But no proof for document delivery is needed, therefore no
signed acknowledgements are needed.
If the archive service is an external one by a service provider, proof of delivery
using a signed acknowledgement might be helpful. Problem is, that a signed
acknowledgement is valid only a relatively short time. It will lose its
value of evidence over long periods of time (up to 10 or more years),
because hash- and signature algorithms in it will get weak and certificates
expire. Archive service provider possibly could therefore repudiate this
acknowledgement after let's say 20 or 30 years if he wants to.
Sending signed acknowledgement to another service provider who has to
archive it would lead us to recursive and in effect very complex solutions.
Therefore we prefer other strategies like protocols and external audits of
archive service providers to avoid successful repudiation of delivery.
Last but not least it would not be acceptable for a user that he must store
signed acknowledgements for every (maybe little) document he delivered to an
archive service provider. If he wants to avoid storing documents by using
an archive provider and has to store signed acknowledgements - where is the
benefit?
Storing a little index like a hash value or an integer should be sufficient
to retrieve archived documents.