[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Musings on Notary signatures

To: <ietf-openpgp@xxxxxxx>
Subject: Re: Musings on Notary signatures
From: "vedaal" <vedaal@xxxxxxxxxxx>
Date: Fri, 26 Apr 2002 12:00:57 -0400
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx


----- Original Message -----
From: <john.dlugosz@xxxxxxxxx>
To: <dshaw@xxxxxxxxxxxxxxx>
Cc: <jon@xxxxxxxxxx>; <ietf-openpgp@xxxxxxx>
Sent: Friday, April 26, 2002 11:12 AM
Subject: Musings on Notary signatures


>
>
> From: John Dlugosz
>
> The normal interpretation of signing something is to agree with or assert
> its content.  If that's the only kind we have, we can do this:
>
> I sign my document.  Then to prove I did so at a specific time, send the
> signature (which may include the data or be detached, it matters not) to
> the notary.
>
> The notary produces a =new= document, which states "I afferm that the blob
> sent to me (length nn, SHA1=xxxxxxx) was done so at whatever time." and
> signs (afferms to) that.
>
> A notary sig packet would do the same thing, but could be added to the
file
> containing the signature being signed.  I beleive that is what the current
> discussion has agreed on.
>
> However, the above allows for another feature.  The document produced by
> the notary can contain other information too, to implement things from
> section 4.1 of Applied Cryptography.  For example, it can contain a serial
> number, so someone who doesn't trust Trent's clock can find other
documents
> and know what order they were signed in (hmm, why would you trust Trent's
> counter but not his clock?), lists of other "before" and "after"
customers,
> or other verification information that can be used to validate the
> timestamp in other ways, without the need for a trusted notary to have
> produced the timestamp signature.

There is still a problem with all this, in that it can verify only that the
signature was notarized at a certain time.
Nothing prevents the original signers from altering their computer clocks to
later or earlier as would suit them,
and then delay sending the signed message for notarization.
A possible practical solution at the user end, might be something as
follows:

Alice sends Bob a document for review, with instructions that when Bob is re
ady to sign it, Bob should send it
signed to Alice, and cc at the same time to an agreed-upon notary, for time
stamping, who would then cc it back,
already notarized/timestamped  to Alice and Bob.

vedaal

Follow-Ups:
- Re: Musings on Notary signatures
  - From: Jon Callas

References:
- Musings on Notary signatures
  - From: john . dlugosz

Prev by Date: Musings on Notary signatures
Next by Date: Re: Musings on Notary signatures
Previous by thread: Musings on Notary signatures
Next by thread: Re: Musings on Notary signatures
Index(es):
- Date
- Thread