Re: tampering withelectronic health records

[Wayne Wilson]

Andrew po-jung Ho wrote:


> 
> The second solution is a "transient" escrow that sends the "proof-of-authenticity" 
> somewhere else for storage. It relies on another trusted or not-so-trusted party 
> and the adequacy of the cryptographic protocol to safeguard the signature from 
> subsequent alteration. This is exactly the Certificate Authority model 
> (e.g. Verisign) and suffers from the same weaknesses.
> 
I don't think this is the CA model.  CA's provide 
certificates.  The primary function of the certificate is to 
make an assertion about a name and the holder of a private 
key part of a public/private key pair.

The notary service is making a different kind of assertion - 
that a certain document was submitted on such and such a 
date and that the content has or has not changed since that 
date.


THis stuff get's confusing because similar crypto technology 
is used to implement these assertions. It's important to 
keep in mind that the crypto stuff is a set of building 
blocks that can be combined in various ways (call it a 
protocol) and then embedded in various systems ( or 
implementations).