Interesting. Could this service be used to simply sign
timestamps, to solve the provenance problem in web content?
The idea is to be able to prove that a given piece of
content existed at a specific time. A public signing service
which accepts a hash value, and returns a signed item with
the hash value and a timestamp, would be useful for this.
One would then modify some blogging systems, such as
Wordpress, to hash each new entry and obtain a signed
timestamp, which would then be placed in the content
HTML in some standard way.
With this, it would be possible to identify the first
poster of content, allowing the identification of originators vs.
scraper sites. This would be valuable if search engines were
induced to check it.
There are already online "notary" sites which offer such
a service, such as "http://www.surety.com/";. But at $1 per
signing, they're far too expensive for blogs.
John Nagle
SiteTruth
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
