ietf-openpgp
[Top] [All Lists]

Re: Musings on Notary signatures

2002-04-26 09:21:50

On Fri, Apr 26, 2002 at 10:12:57AM -0500, 
john(_dot_)dlugosz(_at_)kodak(_dot_)com wrote:
However, the above allows for another feature.  The document produced by
the notary can contain other information too, to implement things from
section 4.1 of Applied Cryptography.  For example, it can contain a serial
number, so someone who doesn't trust Trent's clock can find other documents
and know what order they were signed in (hmm, why would you trust Trent's
counter but not his clock?), lists of other "before" and "after" customers,
or other verification information that can be used to validate the
timestamp in other ways, without the need for a trusted notary to have
produced the timestamp signature.

This is essentially what the notary service at
http://www.itconsult.co.uk/stamper.htm does with serial numbers.  One
can use a signature notation to do the same thing with the proposed
notary signature as well.

As a receipient of such a message, I think I would prefer the proposed
notary signature.  It is in a well specified and understood machine
readable format, so anyone can verify any notary signature with a
minimum of fuss and/or new code.

David

-- 
   David Shaw  |  dshaw(_at_)jabberwocky(_dot_)com  |  WWW 
http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

<Prev in Thread] Current Thread [Next in Thread>