Re: [ltans] Concrete examples of long-term archiving
Istvan Zsolt BERTA <istvan.berta@microsec.hu> Fri, 12 August 2011 15:24 UTC
Return-Path: <istvan.berta@microsec.hu>
X-Original-To: ltans@ietfa.amsl.com
Delivered-To: ltans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0D7621F89C1 for <ltans@ietfa.amsl.com>; Fri, 12 Aug 2011 08:24:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.911
X-Spam-Level: **
X-Spam-Status: No, score=2.911 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NGvYaVPp3T0d for <ltans@ietfa.amsl.com>; Fri, 12 Aug 2011 08:24:41 -0700 (PDT)
Received: from everest.microsec.hu (everest.microsec.hu [193.226.230.4]) by ietfa.amsl.com (Postfix) with ESMTP id 5EAE921F881C for <ltans@ietf.org>; Fri, 12 Aug 2011 08:24:40 -0700 (PDT)
Received: from [10.42.223.165] (z165.e-cegjegyzek.hu [10.42.223.165]) by everest.microsec.hu (8.12.11.20060308/8.12.11/SuSE Linux 0.7) with ESMTP id p7CFPEEg001374 for <ltans@ietf.org>; Fri, 12 Aug 2011 17:25:16 +0200
Message-ID: <4E4545E5.9060003@microsec.hu>
Date: Fri, 12 Aug 2011 17:25:25 +0200
From: Istvan Zsolt BERTA <istvan.berta@microsec.hu>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: ltans@ietf.org
References: <BE403E73-8966-4FB9-9624-DAC303A0EC0D@cdc.informatik.tu-darmstadt.de> <4E4243A2.5030805@microsec.hu> <4E428403.5080203@earthlink.net>
In-Reply-To: <4E428403.5080203@earthlink.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Subject: Re: [ltans] Concrete examples of long-term archiving
X-BeenThere: ltans@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: LTANS Working Group <ltans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ltans>, <mailto:ltans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ltans>
List-Post: <mailto:ltans@ietf.org>
List-Help: <mailto:ltans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ltans>, <mailto:ltans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Aug 2011 15:24:43 -0000
Dear Todd, 2011.08.10. 15:13 keltezéssel, todd glassey írta: >> In Hungary, the authentic long-term archival of electronically signed >> documents is included in the e-signature law. Aside qualified CAs, we >> also have qualified archiving service providers. >> > Is there a Design Specification available? What do you mean on Design Specification? We have the archiving service listed in our e-signature law, and this law prescribes the requirements a qualified archiving service provider must fulfill. There is an English version here: http://www.docshare.com/doc/199777/hungary Our authorities also released some 'guidance' on the technical requirements and policy requirements, but I think they are going to be superseded by the recently released ETSI specifications: ETSI TS 101 533-1 Information Preservation Systems Security; Part 1: Requirements for Implementation and Management http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=31009 ETSI TR 101 533-2 Information Preservation Systems Security; Part 2: Guidelines for Assessors http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=34232 None of these requirements go into details like prescribing certain formats, etc. Regards, István >> >> >> The Hungarian Chamber of Notaries is running an archival project since >> 2007. Certain classes of notarial deeds are archived electronically. >> The notary creates the notarial deed on paper, scans it (as PDF), >> signs it with her qualified electronic signature and sends it to the >> archives (our company is a qualified archiving service provider, we >> run these archives). A few million notarial deeds are archived this >> way currently. >> >> Notaries create their signatures in XAdES-A format, and in the >> archives these signatures are archived in an LTANS ERS -like format. >> We do not use ERS because when our system was started, ERS RFCs were >> not available yet, but our logic is very similar to ERS. >> >> >> Electronically signed documents are also used (and archived) in >> context of the Hungarian registry of businesses. If you want to found >> a company in Hungary, you need to turn to a lawyer, and your lawyer >> submits the necessary electronically signed documents to the business >> registry court. The judge at the registry court also creates an >> electronically signed resolution. >> Lawyers are required to archive these electronically signed documents, >> e.g. using a qualified archiving provider. This system also involves >> millions of documents, but only a small fraction of them is archived >> currently. (There are already certain resolutions that were not >> archived properly and their timestamps expired. They are problematic.) >> >> >> Unfortunately I have very little written information on this in >> English (our English website is rather just a placeholder): >> >> http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007) >> http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011) >> http://srv.e-szigno.hu/menu/index.php?lap=english_archiving >> http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry >> >> If you have any further questions, feel free to ask, and I shall do my >> best to answer. >> >> Regards, >> >> István >> >> >> >> >> >> >> 2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta: >>> Hi, >>> >>> I am a PhD student and I have been working on a survey on long-term >>> authenticity and proof of existence. I have found many solutions >>> (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, >>> HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, >>> Directive 2001/115/EC) but few real life examples in which long-term >>> archiving is required and was already used. >>> >>> May someone point some concrete examples? >>> >>> Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität >>> Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289 >>> Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 >>> >>> >>> >>> >>> >>> _______________________________________________ ltans mailing list >>> ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans >> >> _______________________________________________ >> ltans mailing list >> ltans@ietf.org >> https://www.ietf.org/mailman/listinfo/ltans >> > >
- Re: [ltans] Concrete examples of long-term archiv… todd glassey
- [ltans] Concrete examples of long-term archiving Martin Augusto G. Vigil
- Re: [ltans] Concrete examples of long-term archiv… todd glassey
- Re: [ltans] Concrete examples of long-term archiv… Ernst Jan van Nigtevecht
- Re: [ltans] Concrete examples of long-term archiv… Aljosa Jerman Blazic
- Re: [ltans] Concrete examples of long-term archiv… Liaquat Khan
- Re: [ltans] Concrete examples of long-term archiv… todd glassey
- Re: [ltans] Concrete examples of long-term archiv… Tobias Gondrom
- Re: [ltans] Concrete examples of long-term archiv… Istvan Zsolt BERTA
- Re: [ltans] Concrete examples of long-term archiv… todd glassey
- Re: [ltans] Concrete examples of long-term archiv… Istvan Zsolt BERTA
- Re: [ltans] Concrete examples of long-term archiv… todd glassey