[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks

To: "Peter Sylvester" <Peter.Sylvester@xxxxxxxxxx>
Subject: RE: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks
From: "HOUSSIER Loic RD-MAPS-ISS" <loic.houssier@xxxxxxxxxxxxxxxxx>
Date: Fri, 17 Dec 2004 10:19:14 +0100
Cc: <ietf-ltans@xxxxxxx>
List-archive: <http://www.imc.org/ietf-ltans/mail-archive/>
List-id: <ietf-ltans.imc.org>
List-unsubscribe: <mailto:ietf-ltans-request@imc.org?body=unsubscribe>
Sender: owner-ietf-ltans@xxxxxxxxxxxx
Thread-index: AcTji/r2NZ6DlNifQDqnGDDEolBT0QAhdFDg
Thread-topic: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks

Peter,

See my comments hereafter:


> > [LH]I my view, a LTA was an trusted authority, then could 
> be able to deliver signed-notification. (analogy whith TSA). 
> Am I really wrong ? If it's the case, and if you have the 
> time, could you clear my mind ?
> 
> 
> That was also my position (water below), i.e. an service 
> where you don't split
> between the backend of archiving and a front end that delivers
> an attestation. 
> 
> I don't thino you are wrong, you just use TWO services one behind
> each other in a particular configuration, hydrogen+oxygen 
> but you can have oxygen+carbon, this gives something else, 
> also good for
> plants.  The analogy stops here, because I am not saying that you need
> boths, since otherwise plants won't grow. :-)
> 
> but you can have different type of USERS and SERVICES, it depends
> on where you put responsibilities. And sometime you need a 'NOTARY'
> in between. 
> 
[LH] I need there an explanation what's a 'NOTARY' in this case ?


> 
> > [LH] I just had a problem with this. A the end of the 
> archivation period, (if it's 30 years e.g.) how the user know 
> that it is the end ?
> > Must only the user deal with that ?
> 
> Well, a user can count? 
[LH] Well I guess so.

>Whether a user is informed about a 
> deletion, seems to
> me an independant service, informing *THE USER* after 30 years
> may be difficult anyway. what seems important for the protocol is
> that the user can be identified, i.e. one has enough 
> redundant information
> about who owns or may own or may retrieve the info, this may 
> be for example
> the court of city, etc. 
[LH] I agree, you're right.


> > [LH] As you can read, my english is poor compare to yours. 
> What I wanted to say is that an LTA could not provide means 
> for confidentiality.
> > Confidentiality could be part of the front end of the service, no?
> 
> Or the user: As far as I know, confidentiality with crypto 
> means is never
> supposed to last TOO long. An example: Would you think that a 
> company that
> hold a patent and recipe for a well know brown coloured drink 
> would store
> the information at an external archiver and transfer the 
> information using
> the Internet? 

[LH]But maybe I gave a clumsy example. Let's think about DRM. Artist can store music theme without needing confidentiality I think.
Furthermore, I'm not sure I understand what you say...
Are we OK in the fact that the TAA must not deal with confidentiality, wheter it is dealed by submitter or front-end service ?

> regards
> Peter

Thank you,
Loīc

Prev by Date: RE: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks
Previous by thread: RE: [draft-ietf-ltans-reqs-03.txt] Questions & Remarks
Index(es):
- Date
- Thread