Re: ESSCertID in TSP
Joerg Seidel <seidel@timeproof.de> Tue, 20 March 2001 15:44 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id KAA10123 for <pkix-archive@odin.ietf.org>; Tue, 20 Mar 2001 10:44:48 -0500 (EST)
Received: from localhost (daemon@localhost) by above.proper.com (8.9.3/8.9.3) with SMTP id HAA27449; Tue, 20 Mar 2001 07:44:00 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Tue, 20 Mar 2001 07:43:57 -0800
Received: from sysiphos.maz-hh.de (sysiphos.maz-hh.de [192.109.56.14]) by above.proper.com (8.9.3/8.9.3) with ESMTP id HAA27411 for <ietf-pkix@imc.org>; Tue, 20 Mar 2001 07:43:55 -0800 (PST)
Received: from timeproof.de (timegate.maz-hh.de [192.109.56.29]) by sysiphos.maz-hh.de (8.9.3/8.9.3) with ESMTP id QAA09993; Tue, 20 Mar 2001 16:43:40 +0100 (MET)
Message-ID: <3AB77B5D.E65D12AC@timeproof.de>
Date: Tue, 20 Mar 2001 16:46:37 +0100
From: Joerg Seidel <seidel@timeproof.de>
Organization: timeproof GmbH
X-Mailer: Mozilla 4.76 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>
CC: ietf-pkix@imc.org
Subject: Re: ESSCertID in TSP
References: <3AB67DA0.11840561@certplus.com> <3AB729BB.E903088@timeproof.de> <3AB74B93.2438D89E@certplus.com>
Content-Type: text/plain; charset="iso-8859-1"
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
X-MIME-Autoconverted: from 8bit to quoted-printable by above.proper.com id HAA27449
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by ietf.org id KAA10123
Jean-Marc Desperrier wrote: > > On day A, Alice borrows Bob2000$. > She writes a statement "I owe Bob 2000$", digitally signs it, time-stamps the > signature and gives it to Bob , saying : "See, I owe you 2000$, and this > horodated statement proves it, digital signature, time-stamp, everything. > > The next day, Alice borrows Bob 2000$ again. > Alice writes a second statement "I owe Bob 2000$", digitally signs it, > time-stamps the signature and gives it to Bob, saying : "See, I owe you 2000$ > again, and this new time-stamp "proves" that this is what I owe you today". > > Of course it's very clear to everyone who has a good understanding of > time-stamp, that this new time-stamping proves _nothing_. Yes, now I see your point. You are totally right. The problem arises because the timestamp proves only that the signature was made before a given date, not at the date. There are serveral ways to solve this problem. One of them is to timestamp the document, sign the timestamp and timestamp the signature. This proves that the signature was made between the two timestamp times. Another is, as you stated already, to include the time in the document or as a signed attribute in the signature. What about this one: "I owe the owner of this document 2000$". It is equivalent to a cheque in the real world, but it has the value zero in any case, because there is no way to identify the original. The signer can always claim that he never gave the original to anyone - just copies. Regards Jörg -- __________________________________________________________________ Jörg Seidel phone +49-40-76629-1911 Director Technology fax +49-40-76629-551 timeproof GmbH Harburger Schloßstraße 6-12 mailto:seidel@timeproof.de DE 21079 Hamburg http://www.timeproof.de __________________________________________________________________
- ESSCertID in TSP Jean-Marc Desperrier
- Re: ESSCertID in TSP Joerg Seidel
- Re: ESSCertID in TSP Jean-Marc Desperrier
- Re: ESSCertID in TSP Joerg Seidel