> -----Original Message----- > On Sunday, October 04, 2009 5:42 PM > Alex Pankratov <a...@poneyhot.org> wrote: > > Does anyone know what's the state of affairs in this area ?
I think there are two factors. 1) This is complex problem and 2) Where it might have really been required (i.e. the courts) it has not; the courts accept unsigned, text log files as reasonable evidence. >From a local (as in US) perspective I would look into some of the services provided by NIST (http://tf.nist.gov/service/its.htm). Even their "authenticated" offerings appear to be very limited, and use static, symmetric keys (which can only be obtained by snail-mail!) I've always liked the saying: "A man with two watches never knows what time it is." As long as there is more than one accepted internet time source and the courts accept uncertified timestamps in log files, I don't see any clear solution to (or reason to pursue) obtaining "signed time". -Piers -- Piers Bowness RSA - The Security Division of EMC --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com