Hello Tobias, we agree with all of your remarks. Thanx. We also don't see any complications regarding the legislation (at least German law requires the renewal of signatures). We are going to adapt our draft in this way, that a policy should also contain expired algorithms. So for verfication only the current policy is needed. Best regards Thomas and Susanne > Hi Thomas, Susanne, Todd, Carl and all, > > Maybe a few thoughts about the discussed items: > > Starting with the simple things: > I agree with Carls assessment that for the verification the critical > information is the policy stating which algorithms had been valid from > date a to date b. Period. > I understand your idea of providing older policies to support the fact > that an archive service did operate correctly, but this is not the main > reason for the policy in the verification process. > The main use for the policy is that any verification party can use it > and check an ERS or other signatures whether any of the used algorithms > had been broken before they were renewed. (this is a precise > mathematical test, and does not automatically imply careless handling of > the archive system). > For the verification party only this hard facts count: Has the signature > been renewed in time or not, defined by the current policy. > (the old policies may indicate a wrong-doing of the archive system or > justify its actions but they must not influence the evaluation of > "valid"/"not-valid". > > (comment: and if it happens that the policy issuing authority > retrospectively shortens the timespan of an algorithm, this will be for > a reason which should not be ignored.) > > > Concerning the issuing of the policy: I think that to prove its > authenticity and integrity it should be sufficient to sign it (via CMS) > by the authority (e.g. NIST, German Bundesnetzagentur, ...) > > > I can not see any real problematic legal inter-country related > implications. > A signature must be valid in the country where it is presented to the > court. > Which includes the renewal done with ERS must be so as well. > In court the judge will call upon the guidance of the countries security > authority (in case of US this would be NIST) to decide whether > algorithms are secure or have been broken and when. If these authorities > publish this statement in the form of a signed policy, this would be a > clear and reliable statement. (today they publish this in unsigned pdf > and on paper) > > Dito in other countries. > (obviously as these judgements of algorithms can vary between countries, > an archiving service would have the duty to watch carefully for > algorithm lifetime announcements the local national bodies corresponding > to its stored documents make) > > Best regards, Tobias > -- ___________________________________________________________ Dipl.-Math.(FH) Susanne Okunick Fraunhofer Institute for Secure Information Technology Department Transaction and Document Security Rheinstraße 75, 64295 Darmstadt, Germany phone ++49 / (0)6151 869 60005, fax ++49 / (0)6151 869 322 homepage: http://www.sit.fraunhofer.de ___________________________________________________________ The electronic Signature is certified by the Fraunhofer CA: http://pki.fraunhofer.de/FhG-CA-Certs/FhG-CA_v2_cert.der ___________________________________________________________
Attachment:
smime.p7s
Description: S/MIME cryptographic signature