[rfc-i] Signing RFCs

Joe Touch touch at isi.edu
Wed Jun 29 09:39:57 PDT 2011



On 6/29/2011 9:25 AM, Paul Hoffman wrote:
> On Jun 29, 2011, at 9:12 AM, Joe Touch wrote:
>
>> 1) the crypto is needed as part of how you assure others that the
>> copies made on date Z have not been tampered with or changed
>
> The crypto cannot do that unless we also use a timestamping
> authority that is trusted by all entities that might ever demand to
> know about something that happened on date Z.

Crypto is needed as *part* of the solution, though. Yes, there's more 
needed.

As has been noted, without the timestamp part, crypto just authenticates 
the content as untampered, which isn't typically what is needed (and can 
already be supported within, e.g., HTTPS).

> Russ did not suggest
> that we do that, for what I hope are obvious reasons. See related
> discussions on the PKIX WG archives over the past decade, with a
> periodicity of about 18 months.

Then

>
>> 2) the equipment costs are only a very small part of the overall operational expenses; other costs include training, logging, and verification.
>
> Noted. The same costs will be there for signing.
>
>> I wouldn't be surprised if a full-scale "is this doc valid as of
>> date X" archive might end up being a large part of the publication
>> budget, if done to the level expected by law enforcement.

> And thus we are not talking about that. We are talking about
> reducing the pain of responding to subpoenas.

Sorry - I thought the subpoenae were asking for "is this doc what was 
published as of date X". If that's NOT correct, then we really need to 
start with what's needed... what we really need here is a lawyer to tell 
IANA what would make responding to such requests easier. See below, 
however...

> If I remember correctly
> from something someone said a few years ago, the subpoenas the IETF
> had received were all from civil courts, not "law enforcement".

Sorry - I should have said "the legal system" - irrespective of whether 
it's civil or criminal.

> the person can say whatever they want. "I copied X into a backup near
> date Z, and here is a copy of that backup" will possibly lead to much
> shorter testimony than "I digitally signed X around time Z and here is
> an explanation of that signing technology", particularly if you also
> need to invoke such things as "and here is the CA that signed my signing
> key".

When a person says "I copied X into a backup near date Z", a good lawyer 
would ask "how do you know *this* document was part of that process"? 
That's why notary organizations (that's what we're asking for) usually 
have very detailed procedures; those procedures are frequently the focus 
of their testimony.

Now that I raise the point, why not foist this off to another 
organization that already supports this? e.g.:
http://www.surety.com/

(I have *no* relationship to this or any other such company, FWIW)

Joe

