--- begin forwarded text Date: Mon, 15 Feb 1999 15:21:57 +0100 Reply-To: Digital Signature discussion <[EMAIL PROTECTED]> Sender: Digital Signature discussion <[EMAIL PROTECTED]> From: Hans Nilsson <[EMAIL PROTECTED]> Subject: Later validation of Electronic Signatures To: [EMAIL PROTECTED] The validation of Electronic Signatures poses several difficult and interesting problems, in particular when it is necessary to validate an Electronic signature for example 20 years later, when the signer key has been compromised and revoked, the CA keys have been compromised, the crypto algorithm or key length used at the signature time is no longer secure, and the hash function used at at the signature time now exhibits message collisions. The validation problem changes over the different time frames: - near term, when all involved certificates are still valid and generally available, - long term, when one or more of the involved certificates have expired, - archival, when the initial cryptography used is no longer secure. Another interesting point to consider is how it is possible to know and trust the signing time as indicated by the signer. Denis Pinkas from Bull and I have written a "white paper" which deals with these kinds of situations and demonstrates the use of time-stamping. Hopefully this paper can serve as a tutorial to this difficult subject, but also as input for the discussion of a common validation model for electronic signatures.The paper can be found at the following addresses: http://www.id2tech.com/news/pdf/ES_validation.pdf http://www.openmaster.com/whitepapers/es_validation.pdf Hope you enjoy it! Hans Nilsson iD2 Technologies Stockholm SWEDEN http://www.id2tech.com --- end forwarded text ----------------- Robert A. Hettinga <mailto: [EMAIL PROTECTED]> Philodox Financial Technology Evangelism <http://www.philodox.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
