[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Musings on Notary signatures
On Fri, Apr 26, 2002 at 10:12:57AM -0500, john.dlugosz@xxxxxxxxx wrote:
> However, the above allows for another feature. The document produced by
> the notary can contain other information too, to implement things from
> section 4.1 of Applied Cryptography. For example, it can contain a serial
> number, so someone who doesn't trust Trent's clock can find other documents
> and know what order they were signed in (hmm, why would you trust Trent's
> counter but not his clock?), lists of other "before" and "after" customers,
> or other verification information that can be used to validate the
> timestamp in other ways, without the need for a trusted notary to have
> produced the timestamp signature.
This is essentially what the notary service at
http://www.itconsult.co.uk/stamper.htm does with serial numbers. One
can use a signature notation to do the same thing with the proposed
notary signature as well.
As a receipient of such a message, I think I would prefer the proposed
notary signature. It is in a well specified and understood machine
readable format, so anyone can verify any notary signature with a
minimum of fuss and/or new code.
David
--
David Shaw | dshaw@xxxxxxxxxxxxxxx | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson