[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Algorithm revocation

To: Sönke Maseberg <maseberg@xxxxxxxxxxxxxxxx>
Subject: Re: Algorithm revocation
From: Joerg Seidel <seidel@xxxxxxxxxxxx>
Date: Fri, 23 Feb 2001 11:59:17 +0100
Cc: ietf-pkix@xxxxxxx
Organization: timeproof
References: <> <> <> <>

Soenke,

Sönke Maseberg wrote:
> > > The problem of timestamps occurs if they uses the compromised signature
> > > algorithm too.
> >
> > timestamp should be logged for this reason. This avoids the problems with
> > the signature algorithm.
> >
> IMO logging transfers the problem only. How do you protect the logged data?
> With breaking of the media ('Medien-Bruch')?

It is an additional security layer. Logged data can be secured by securing the
access, by using WORM devices and/or by using interlinked lists. If you would
like to have a secure system, you would better not relay on security feature
(eg. digital signature) but use other independent security measures.

If one of the layers fails the other can help...

Joerg
-- 
__________________________________________________________________

Jörg Seidel                             phone  +49-40-76629-1911
Director Technology                     fax    +49-40-76629-551
timeproof GmbH                          
Harburger Schloßstraße 6-12             mailto:seidel@xxxxxxxxxxxx
DE 21079 Hamburg                        http://www.timeproof.de
__________________________________________________________________

Follow-Ups:
- Re: Algorithm revocation
  - From: maseberg

References:
- Re: Algorithm revocation
  - From: Tom Gindin
- Re: Algorithm revocation
  - From: Soenke Maseberg
- Re: Algorithm revocation
  - From: Joerg Seidel
- Re: Algorithm revocation
  - From: Sönke Maseberg

Prev by Date: Re: multiple digitale signatures
Next by Date: Re: multiple digitale signatures
Previous by thread: Re: Algorithm revocation
Next by thread: Re: Algorithm revocation
Index(es):
- Date
- Thread