On Mon, Mar 07, 2005 at 11:02:03AM +1000, Sebastian Garde wrote: > > There is another issue with digital signatures in the context > of EHRs: Their value decreases over time and with them the > value of digitally signed documents as legal evidence. In other > words: securely signed documents don't necessarily provide a > secure basis for verifying authenticity for the required > time-span of EHRs (30 and more years).
The longitivity/ validity of a digital signature, specially if distributed would obviously need the requisite revoke cycle. My concept of the 'notary server' is more of a 'backup server' and only to be referenced on a need basis. It is more of a process of data in, in, in and more data in ... with sporadic data reads only by very selective authorities (in official capacity). The keys of the signitory may change with change of office. Since these keys are not for circulation, and for consumption only by few selected people entrusted with the 'notary server' there should not be a problem in holding on to such 'exclusive' key archives (specific for the notary) for ages to come without change. As longs as physical security of the 'keys' are ensured, there should not be much of a requirement of rotation, since each notary signitory is specific for a time and place. Your views on issues of cryptographic algorithm weaknesses are absolutely valid if the keys are to be distributed beyond the confines of the notary server, or 'trusted' agencies ... Data exchanges should be from the regular servers and not from the notary servers, for day to day transactions, and not all transactions would need notary archival. Just my POV ... Bish - If you have any questions about using this list, please send a message to d.lloyd at openehr.org
