RE: Time-stamping.

"Gary Visser" <gary@timestamp.com> Tue, 20 March 2001 19:29 UTC

From: Gary Visser <gary@timestamp.com>
To: IETF-PKIX <ietf-pkix@imc.org>
Subject: RE: Time-stamping.
Date: Tue, 20 Mar 2001 11:28:40 -0800
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>

Prashant Dambe wrote:
> Time-stamping of the datum does not bind the time-stamped data to a
> particular user.
> So where it will be used as it does not bind creator identity.
Correct, but the timestamp is bound to a particular entity. This entity is
providing a service similar to a public notary, someone who can attest to
the fact that the datum existed prior to a specific point in time.

> Anyone can claim that I am the author of the document.
Sure they can make the claim, but can they prove it? If you time-stamped the
document, you are claiming to have 'seen' a digest of the document, not that
you are its author. As an entity that timestamps documents I will go into a
court of law and attest to the fact that an agent of mine saw a digest of a
document at a particular point in time, provided of course that I have
determined that my agent has not been compromised. I will not make any
claims regarding the content or author of the document.

> Until there is specifically identification of the creator inside the
> document itself.
> One way to do this is to sign over datum plus time-stamped data.
> And if the time-stamped signature value is placed as unsigned attribute,
> it can be also replaced and it is undetectable in current specification.
> So in the current draft is time-stamp generated fully secured?
I do not believe that the draft says you cannot include the timestamp as a
signed attribute.
So you are free to do this in your systems. Others may also choose to do
this.
But the timestamp is a separate entity from the datum and need not be a
signed attribute.
An alternative that provides basically the same level of trust, is to
require that the timestamp be available from the author or timestamp
authority separate from the datum.
If the draft required that the timestamp be a signed attribute, then you
would not, for example, be able to append timestamps to messages within the
mail server as they are being delivered.

Keep in mind that these standards are not enough to build a 'fully secured'
system. You must apply and adhere to a security policy to make the system as
'fully' secured as needed. I believe that the authors of these standards go
to great lengths to ensure that no particular security policy is mandated by
the standard, thereby allowing you to build a system that meets your
requirements.


Gary Visser
Timestamp.com

-----Original Message-----
From: Prashant Dambe [mailto:prashant@elock.co.in]
Sent: Tuesday, March 20, 2001 3:23 AM
To: ietf-pkix@imc.org
Subject: Time-stamping.



Time-stamping of the datum does not bind the time-stamped data to a particular
user.
So where it will be used as it does not bind creator identity. Anyone can
claim that I am the author of the document. Until there is specifically
identification
of the creator inside the document itself.
One way to do this is to sign over datum plus time-stamped data.
In this case user can replace the signature and put its own signature.
So is not that time-stamping of signature value is necessary.
And if the time-stamped signature value is placed as unsigned attribute,
it can be also replaced and it is undetectable in current specification.
So in the current draft is time-stamp generated fully secured?


Prashant Dambe
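
Added example, not part of the original thread: a toy Python model of the signed-versus-unsigned timestamp placement discussed above. HMAC stands in for the signer's and the TSA's public-key signatures, the token covers the datum digest, and the keys, dict layout and function names are constructed assumptions, not CMS encoding.

```python
import hashlib, hmac, json

# Constructed keys; HMAC is a stand-in for real public-key signatures.
SIGNER_KEY = b"constructed-signer-key"
TSA_KEY = b"constructed-tsa-key"

def _mac(key, obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def tsa_issue(digest_hex, gen_time):
    """TSA attests it saw this digest at gen_time; nothing about authorship."""
    body = {"digest": digest_hex, "genTime": gen_time}
    return {**body, "tsaSig": _mac(TSA_KEY, body)}

def tsa_verify(token, digest_hex):
    body = {"digest": token["digest"], "genTime": token["genTime"]}
    return (token["digest"] == digest_hex
            and hmac.compare_digest(token["tsaSig"], _mac(TSA_KEY, body)))

def sign(datum, token, token_signed):
    digest = hashlib.sha256(datum).hexdigest()
    signed, unsigned = {"messageDigest": digest}, {}
    (signed if token_signed else unsigned)["timeStampToken"] = token
    return {"signed": signed, "unsigned": unsigned, "sig": _mac(SIGNER_KEY, signed)}

def verify(datum, env):
    digest = hashlib.sha256(datum).hexdigest()
    if env["signed"].get("messageDigest") != digest:
        return False
    if not hmac.compare_digest(env["sig"], _mac(SIGNER_KEY, env["signed"])):
        return False  # signer's signature covers only the signed attributes
    token = env["signed"].get("timeStampToken") or env["unsigned"].get("timeStampToken")
    return token is not None and tsa_verify(token, digest)

def swap_token(env, new_token):
    """Replace the token wherever it sits, without re-signing."""
    where = "signed" if "timeStampToken" in env["signed"] else "unsigned"
    out = {"signed": dict(env["signed"]), "unsigned": dict(env["unsigned"]), "sig": env["sig"]}
    out[where]["timeStampToken"] = new_token
    return out

DATUM = b"constructed sample document"
DIGEST = hashlib.sha256(DATUM).hexdigest()
EARLY = tsa_issue(DIGEST, "2001-03-20T10:00:00Z")
LATER = tsa_issue(DIGEST, "2001-03-21T10:00:00Z")
FORGED = {**EARLY, "genTime": "2001-03-01T00:00:00Z"}  # altered without the TSA key
```

Swapping `EARLY` for the genuine `LATER` token still verifies when the token is an unsigned attribute and fails when it is a signed attribute. `FORGED` fails the TSA check in either position, because the token is bound to the TSA independently of the signer.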