On 4/26/2002 9:00 AM, "vedaal" <vedaal(_at_)hotmail(_dot_)com> wrote:
There is still a problem with all this, in that it can verify only that the
signature was notarized at a certain time.
Nothing prevents the original signers from altering their computer clocks to
later or earlier as would suit them,
and then delay sending the signed message for notarization.
I don't see why this is a problem. Let's suppose I'm the notary and Alice
hands me a signature that she produced in 1972. I notarize it. Big deal.
It's 12:40pm on Friday, 26 April 2002. If you want to believe Alice's date,
why do you need mine?
A savvy receiver of both signatures will decide that the correct timestamp
for the document is within epsilon of my time, not Alice's. (And if you
think my clock is wrong, then just get another notarized signature, or
notarize the darn thing yourself, and use *that* timestamp.)
All you have to do is assign reasonable semantics and procedures to
something. The semantic meaning of a notary signature is merely, "I saw it
at time T." It is a certification of sorts. It certifies not a name, but a
timestamp. Apply whatever trust model you like best to that signature.