ietf-openpgp

Re: Notary signatures

2002-04-25 18:09:03

On Thu, Apr 25, 2002 at 05:27:37PM -0700, Jon Callas wrote:
> So -- what are you going to do with them? Why do you need it? I'd like to
> move towards getting a new RFC soon, so explain what you want, and let's get
> a rough consensus of the group that it's a good idea. If we get that, I'll
> put it in.

Well, I'll let Len speak for what he is planning, but for me, it's
come up a number of times in the context of timestamping services.
There is no way to really trust the timestamp in a signature since the
maker of the signature can use whatever timestamp that suits them.  A
notary service can "guarantee" that signature by signing the
signature, and multiple independent notary services can be used to add
even more assurance that there is no collusion.  I have heard that
this was the intended use of the old notary signature.

Using a different type (0x50 is fine) for this is not strictly
required, but would be very useful on the validation side to know that
when you come across such a packet you are going to be looking for
another signature to check against it.

David

-- 
   David Shaw  |  dshaw(_at_)jabberwocky(_dot_)com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
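
The validation-side check described in the message above, as an added example that is not part of the original post or of any OpenPGP implementation: it reads the signature type and creation time from version 4 signature packet bodies (RFC 2440 layout) and compares the signer's claimed time with the times on 0x50 signatures. The function names, the sample packets and the "cannot postdate the earliest notary" policy are assumptions, and no cryptographic verification is performed here.

```python
import struct

NOTARY_SIG_TYPE = 0x50    # signature type discussed in the message above
SUBPKT_CREATION_TIME = 2  # "signature creation time" subpacket

def _subpackets(area):
    """Yield (type, data) for each subpacket in a v4 subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # 0xFF + four-octet length
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("malformed subpacket length")
        yield area[i] & 0x7F, area[i + 1:i + length]  # strip critical bit
        i += length

def parse_signature(body):
    """Return (sig_type, creation_time) from a v4 signature packet body."""
    if len(body) < 6 or body[0] != 4:
        raise ValueError("not a v4 signature packet body")
    hashed_len = struct.unpack(">H", body[4:6])[0]
    hashed = body[6:6 + hashed_len]
    if len(hashed) != hashed_len:
        raise ValueError("truncated hashed subpacket area")
    for sp_type, data in _subpackets(hashed):
        if sp_type == SUBPKT_CREATION_TIME and len(data) == 4:
            return body[1], struct.unpack(">I", data)[0]
    raise ValueError("no creation time in hashed area")

def check_claimed_time(signed, notary_sigs):
    """Compare the signer's claimed time with each notary's own timestamp."""
    _, claimed = parse_signature(signed)
    times = [t for typ, t in map(parse_signature, notary_sigs)
             if typ == NOTARY_SIG_TYPE]
    if not times:
        return "unnotarized"
    # Assumed policy: a signature cannot postdate the earliest notary seal.
    return "consistent" if claimed <= min(times) else "inconsistent"

def _sample(sig_type, when):
    """Constructed test input: v4 body with only a creation-time subpacket."""
    hashed = bytes([5, SUBPKT_CREATION_TIME]) + struct.pack(">I", when)
    return (bytes([4, sig_type, 1, 2]) + struct.pack(">H", len(hashed))
            + hashed + b"\x00\x00" + b"\x00\x00")
```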
