[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ERS - using hash tree?

To: todd glassey <tglassey@xxxxxxxxxxxxx>
Subject: Re: ERS - using hash tree?
From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
Date: Thu, 27 Dec 2007 02:13:31 -0800
Cc: Jesus Maria Mendez Perez <jesusmmp@xxxxxxxxx>, Tobias Gondrom <tgondrom@xxxxxxxxxxxx>, ietf-ltans@xxxxxxx
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=ix.netcom.com; b=mmh6cdN0iiObXxAcTyQjcqYqXJ9kXfUDgyu93a9vFdL0k5W10iB63Bi//V8mT9Iq; h=Received:Message-ID:Date:From:Organization:X-Mailer:X-Accept-Language:MIME-Version:To:CC:Subject:References:Content-Type:X-ELNK-Trace:X-Originating-IP;
List-archive: <http://www.imc.org/ietf-ltans/mail-archive/>
List-id: <ietf-ltans.imc.org>
List-unsubscribe: <mailto:ietf-ltans-request@imc.org?body=unsubscribe>
Organization: IDNS
References: <c58e154b0711270754k68004dbei7a89f473d511e244@xxxxxxxxxxxxxx> <2666EB2A846BAC4BB2D7F593301A786801F19531@xxxxxxxxxxxxxxxxxxxx> <c58e154b0712261631v742d04a3gfd734874edae494b@xxxxxxxxxxxxxx> <054301c84823$352520a0$174f7d40@xxxxxxxxxxxxxxxx>
Sender: owner-ietf-ltans@xxxxxxxxxxxx

Todd and all,

Jesus and yourself are making some very good points here as to
the issues regarding "Data integrity" and the admissibility of
archived data in a federal court of law. The relatively new
E-Discovery rules are quite vague regarding the verifiable
integrity of data and how that is determined. Challenging
the admissibility of any archived data is really still wide open,
ergo many different Spoliation arguments can be brought forth
successfully depending on the history of the original data, and
how, where, when, and how many times it was accessed, by
whom, and if man in the middle manipulation was possible if
said data was archived remotely or to a remote location of
media. Media type may also be an issue as well.

Regards,

Spokesman for INEGroup LLA. - (Over 277k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827

todd glassey wrote:

Merry Christmas All - Jesus - the phrase you are looking for is the concept of "Data Spoliation" and its something that offends System's Admins everywhere because it means we want proof from their systems which is stronger than their word. That said - if LTANS wants to be used in the world it needs to meet Legal Control Requirements on Digital Content and if it doesn't it doesn't matter what we do technology wise if that is not done, since the records controlled in the LTANS system will not be admissible in a court of law without extreme cost and extra hearings to authenticate that data properly... The problem here I think is that this WG doesn't want to hear that. It also doesn't seem to want to embrace that the Court's are a lot smarter than they used to be. One of my partner's is actually fighting a data spoliation case in the Federal Court's in NY so I know this stuff is a key issue.
As to your commentary - Those five hours of data are spoiled and well - that makes this a real issue I think. Todd

----- Original Message -----

From: Jesus Maria Mendez Perez

To: Tobias Gondrom

Cc: ietf-ltans@xxxxxxx

Sent: Wednesday, December 26, 2007 4:31 PM

Subject: Re: ERS - using hash tree?
Hello Tobias, I´m Jesus.
I have some questions and I hope you can help me.
First, about what happen with the gap of time that pass while you send a data object and finally at the evening the ERS-system build
the hastree for all documents that were archived during that day?. For example, if you send a data object at 3:00 pm and the ERS-system build the hashtree at 8:00 pm... you have 5 hours during which that data object could lose its integrity. What can we do in this situation?
Could be the solution to timestamp every data object separately and inmediately after they are sent by the client and when the ERS-system have to build the hashtree, the hash-tree will built with all these data objects and its timestamps?
And now about the ARCHIVE operation. In the LTAP Protocol draft is said LTAP Protocol is asynchronous by nature. And my question is about then second response (service response). Will a client receive the second response when the TAS hast just received the data object or when the archive operation has just finished (the hashtree has been built)?
If the ARCHIVE operation is asynchronous we really need another operation to permit a client to check if the full archive operation has finished...
Finally about the information called "Complementary data" in the article "Long-term trusted preservation service using service interaction protocol and evidence records", does it include only timestamping certificates?, or does it include timestamps' certificates
and user signer´s certificates?. Are they obtain by SCVP and save up as complementary data in the archive operation?
Thanks and Happy Christmas

References:
- Re: ERS - using hash tree?
  - From: Jesus Maria Mendez Perez
- RE: ERS - using hash tree?
  - From: Tobias Gondrom
- Re: ERS - using hash tree?
  - From: Jesus Maria Mendez Perez
- Re: ERS - using hash tree?
  - From: todd glassey

Prev by Date: Re: ERS - using hash tree?
Previous by thread: Re: ERS - using hash tree?
Next by thread: I-D Action:draft-ietf-ltans-xmlers-01.txt
Index(es):
- Date
- Thread