John Gilmore wrote: > > > Sarbanes-Oxley Act in the US. Section 1102 of that act: > > Whoever corruptly-- > > "(1) alters, destroys, mutilates, or conceals a > > record, document, or other object, or attempts to > > do so, with the intent to impair the object's > > integrity or availability for use in an official > > proceeding; ... > > shall be fined under this title or imprisoned not > > more than 20 years, or both.". > > The flaw in this ointment is the "intent" requirement. Corporate > lawyers regularly advise their client companies to shred all > non-essential records older than, e.g. two years. The big reason to > do so is to impair their availability in case of future litigation. > But if that intent becomes illegal, then the advice will be to shred > them "to reduce clutter" or "to save storage space".
Battles like that will go on, although you raise an interesting point - most docs have legal shelf life limits. The main observation here is that signatures, once made, in whatever form, have a power well beyond the bits that they consume or the paper they cover. This law and others like it add more power, which in some imprecise sense stacks up against the MD's recalculability. Where it becomes interesting is if two parties in a dispute both retain records. If this is the case, then it reduces the chance that someone might fiddle with them or destroy them, as the other party has the copies. I suspect this makes more sense within corporates, or for b2b scenarios. For retail and other areas, there are more complications. > > Can we surmise that a digital record with an MD attached and > > logged would fall within "object" ? > > What's the point of keeping a message digest of a logged item? If the > log can be altered, then the message digest can be altered to match. > (Imagine a sendmail log file, where each line is the same as now, but > ends with the MD of the line in some gibberish characters...) The message digest and the record so digested can travel different paths. The MDs can be logged, and the messages can be lost or disposed of. Or some such. As long as the message digests are no longer in control of a single party, they may be sufficient, given the weight of the above, to strongly limit any temptation to recording. When it comes to auditing or validating of of any records, searching on message digests is very easy. If the message digest is with the record it covers, it is a simple matter to quickly grep through mountains of logs to find the entries. It allows a positive comparison to be done very quickly, which means those that fail are the ones to pay attention to. Another technique is to include a cookie in each record which relates to the state of the log, being a chained message digest. If any attempt is made to adjust a record, it throws out the following cookies. Still, this is getting us further and further from the original question - under what grounds could an MD be considered a sufficient signature for accuracy purposes? iang --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]