Re: Trusted timestamping
+ Fearghas McKay fm-li...@st-kilda.org: http://www.itconsult.co.uk/stamper.htm Has been around since ~1995 and just works whenever I have used it, albeit some time ago. It publishes time stamp info on Usenet, comp.security.pgp.announce which shows the last activity was in 2002... http://groups.google.com/group/comp.security.pgp.announce/browse_thread/thread/d25667d87c1740f6# Which seems to support your viewpoint. As explained at http://www.itconsult.co.uk/stamper/stampnew.htm they moved to alt.security.pgp in 2002. But ... the latest timestamp summary I can see there is from May 2009, so I guess the point stands, unless it's just google groups that won't cooperate. (Hmmm, my news server doesn't even carry alt.security.gpg, so I can't check further. Not a good sign.) - Harald - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
RE: Trusted timestamping
-Original Message- From: pgut001 [mailto:pgut...@wintermute01.cs.auckland.ac.nz] On Behalf Of Peter Gutmann Sent: October 5, 2009 10:07 PM To: a...@poneyhot.org; cryptography@metzdowd.com Subject: Re: Trusted timestamping Alex Pankratov a...@poneyhot.org writes: I have spent a couple of days looking around the Internet, and things appear to be .. erm .. hectic and disorganized. [...] Your summary pretty much answers the question, lots of bit players sitting around waiting for the market to emerge, and they've been waiting, in some cases, for at least the last decade or so. In Europe the vendors are pinning their hopes on legislation forcing people to use TSPs, although even there it's been severely crippled by the fact that having to point a legislative gun at the customers head to get them to use it doesn't engender much enthusiasm for it. These players are sitting in the wrong place then. I have run into a fairly well defined need for a timestamping service in a graphic design community. Interestingly enough they do not need the timestamps for the courts, they need them more as a deterrent to a blatant theft of their creative ideas. If someone copies their work, verbosely or at a concept level, then the clone is wortheless unless it can be sold or used as a promotion vehicle. The copycat's goal is to get the copy published in as many online galleries and auction/specwork sites as possible, and the goal of the original author is to prevent that from happening. At the moment the challenge frequently boils down to searching through archive.org contents, and using that as a proof of who was first. In this context archive.org, clearly, serves as a coarse time stamping service, implicitly trustworthy. There is obviously a room for improvement, and that's why I asked what I asked. Alex - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
On 6 Oct 2009, at 14:48, Harald Hanche-Olsen wrote: As explained at http://www.itconsult.co.uk/stamper/stampnew.htm they moved to alt.security.pgp in 2002. But ... the latest timestamp summary I can see there is from May 2009, so I guess the point stands, unless it's just google groups that won't cooperate. (Hmmm, my news server doesn't even carry alt.security.gpg, so I can't check further. Not a good sign.) http://stamper.itconsult.co.uk/stamper-files/sig2009.txt Shows a small stream of sigs up to 7th Oct so there is some life in parrot yet. f - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
On Sun, 04 Oct 2009 23:42:22 +0200 Alex Pankratov a...@poneyhot.org wrote: There is for example timestamp.verisign.com, but there is no documentation or description of it whatsoever. From European world plagued with qualified electronic signature disease - timestamp servers usually are compatible with RFC 3161 Time-Stamp Protocol (TSP) that works over HTTP, but since they don't want to provide free timestamping for anyone they're using various techniques to limit usage of this service. I've seen two techniques to do this. One was allowing only TSP request encapsulated in *signed* CMS (RFC 3369). So if you're signing a document using qualified signature AND timestamp you've got to enter PIN twice - one for document signature, one for TSP transport signature. The other server was not requiring signed CMS, but instead silently discarded signature requests from clients other that their own software. It had something to do with TSP options probably, but I didn't investigate any deeper. -- Pawe Krawczyk http://ipsec.pl - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
On 04/10/2009 23:42, Alex Pankratov wrote: I guess my main confusion at the moment is why large CAs of Verisign's size not offering any standalone timestamping services. My view is that there is no demand for this as a service. The apparent need for it is more a paper requirement that came out of PKI world's search for a perfect product than any business need. E.g., if you think you want it, you might be better rewarded by re-examining your assumptions as to why it is needed, than building it... iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
RE: Trusted timestamping
-Original Message- On Sunday, October 04, 2009 5:42 PM Alex Pankratov a...@poneyhot.org wrote: Does anyone know what's the state of affairs in this area ? I think there are two factors. 1) This is complex problem and 2) Where it might have really been required (i.e. the courts) it has not; the courts accept unsigned, text log files as reasonable evidence. From a local (as in US) perspective I would look into some of the services provided by NIST (http://tf.nist.gov/service/its.htm). Even their authenticated offerings appear to be very limited, and use static, symmetric keys (which can only be obtained by snail-mail!) I've always liked the saying: A man with two watches never knows what time it is. As long as there is more than one accepted internet time source and the courts accept uncertified timestamps in log files, I don't see any clear solution to (or reason to pursue) obtaining signed time. -Piers -- Piers Bowness RSA - The Security Division of EMC - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
Alex Pankratov wrote: Does anyone know what's the state of affairs in this area ? This is probably slightly off-topic, but I can't think of a better place to ask about this sort of thing. I have spent a couple of days looking around the Internet, and things appear to be .. erm .. hectic and disorganized. There is for example timestamp.verisign.com, but there is no documentation or description of it whatsoever. Even the website itself is broken. However it is used by Microsoft's code signing tool that embeds Verisign's timestamp into Authenticode signature of signed executable files. There is also a way to timestamp signed PDFs, but the there appears to be nothing _trusted_ about available Trusted Timestamping Authorities. Just a bunch of random companies that call themselves that way and provide no indication why they should actually be *trusted*. No audit practicies, not even a simple description of their backend setup. The same goes for the companies providing timestamping services for arbitrary documents, either using online interfaces or a downloadable software. There are also Digital Poststamps, which is a very strange version of a timestamping service, because their providers insist on NOT releasing the actual timestamp to the customer and then charging for each timestamp verification request. I guess my main confusion at the moment is why large CAs of Verisign's size not offering any standalone timestamping services. Any thoughts or comments ? I answer your question by two questions: Trusted timestamping service is like a specialized form of non-repudiation service. You may wonder if there is any fielded usage of genuine non-repudiation service, i.e. extending to an arbitration function that would support evidence management in some litigation forum. Fraud prevention in payment systems is not based on a genuine non-repudiation scheme. Are you aware of the current state of genuine non-repudiation service? Another approach to your question is that timestamping service has to be sold before being fielded and used. Who is(are) the real beneficiary(ies) in a trusted timestamping service, and how do you sell the service to them so that it makes economic sense? Regards, - Thierry Moreau - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
On Mon, Oct 5, 2009 at 8:42 AM, Alex Pankratov a...@poneyhot.org wrote: Does anyone know what's the state of affairs in this area ? This is probably slightly off-topic, but I can't think of a better place to ask about this sort of thing. I have spent a couple of days looking around the Internet, and things appear to be .. erm .. hectic and disorganized. There is for example timestamp.verisign.com, but there is no documentation or description of it whatsoever. Even the website itself is broken. However it is used by Microsoft's code signing tool that embeds Verisign's timestamp into Authenticode signature of signed executable files. There is also a way to timestamp signed PDFs, but the there appears to be nothing _trusted_ about available Trusted Timestamping Authorities. Just a bunch of random companies that call themselves that way and provide no indication why they should actually be *trusted*. No audit practicies, not even a simple description of their backend setup. The same goes for the companies providing timestamping services for arbitrary documents, either using online interfaces or a downloadable software. There are also Digital Poststamps, which is a very strange version of a timestamping service, because their providers insist on NOT releasing the actual timestamp to the customer and then charging for each timestamp verification request. I guess my main confusion at the moment is why large CAs of Verisign's size not offering any standalone timestamping services. Any thoughts or comments ? I have no useful comments other than to point you to a timestamping service you may or may not have seen (I didn't see you mention it: http://www.itconsult.co.uk/stamper/stampinf.htm), form what I've noticed (just in passing) this seems to be the most popular stamping service. Thanks, Alex -- noon silky http://www.mirios.com.au/ http://skillsforvilla.tumblr.com/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Trusted timestamping
On 5 Oct 2009, at 16:04, Ian G wrote: My view is that there is no demand for this as a service. The apparent need for it is more a paper requirement that came out of PKI world's search for a perfect product than any business need. E.g., if you think you want it, you might be better rewarded by re- examining your assumptions as to why it is needed, than building it... http://www.itconsult.co.uk/stamper.htm Has been around since ~1995 and just works whenever I have used it, albeit some time ago. It publishes time stamp info on Usenet, comp.security.pgp.announce which shows the last activity was in 2002... http://groups.google.com/group/comp.security.pgp.announce/browse_thread/thread/d25667d87c1740f6# Which seems to support your viewpoint. f - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com