Hi, It is known for quite some time that digital signatures are not the best solution to encrypt information that has to be archived. For functions like this we need a real person/organisation that provides this archiving function.
see by Ross Anderson: http://www.usenix.org/publications/library/proceedings/ec98/ full_papers/anderson/anderson.pdf Gerard -- <work> -- Gerard Freriks TNO Kwaliteit van Leven Wassenaarseweg 56 Leiden Postbus 2215 2301CE Leiden The Netherlands +31 71 5181388 +31 654 792800 On 07 Mar 2005, at 02:02, Sebastian Garde wrote: > Hi, > > There is another issue with digital signatures in the context of EHRs: > Their value decreases over time and with them the value of digitally > signed documents as legal evidence. > In other words: securely signed documents don't necessarily provide a > secure basis for verifying authenticity for the required time-span of > EHRs (30 and more years). > > This is due to the following reasons: > - the employed cryptographic algorithms and the keys lose their > security qualification in the course of time. (algorithm may found to > be > insecure, key length may be too short for increased computer power,..) > - It cannot be guaranteed that the directories and documents needed for > the verification of the underlying certificates are available for 30 > years or more. > > In addition, the use of digital signing procedures is often insecure > and > information for the subsequent evaluation of the actual security is > missing. > To achieve high conclusiveness of digitally signed documents and to > realize their integration into practical use, the documents complete > life cycle ranging from generation of the document, generation of the > signature, presentation, communication to (long-time-)archiving and > later use have to be taken into account in a comprehensive way. > > For a truly long-term-solution for EHRs, a solution must be provided > for > this problem. > If you are interested in details, see http://www.archisig.de/english > > Further, signed data may - of course - not be changed in order to keep > electronic signatures valid. But when data has to be exchanged across > networks, or in context of systems migration, such changes are > inevitably occuring. Trying to avoid this with the help of new > standardized and stable data formats contradicts experiences (although > openEHR itself might be a solution for this problem). > So, procedures are necessary to convert signed documents and preserve > their evidence value (legally secure transformation). See > http://www.transidok.de/index-en.html for details. > > Regards, > Sebastian -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2674 bytes Desc: not available URL: <http://lists.openehr.org/mailman/private/openehr-technical_lists.openehr.org/attachments/20050307/1216af1f/attachment.bin>