From vigil@cdc.informatik.tu-darmstadt.de Thu Aug 4 09:21:40 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 962D521F8ACA for ; Thu, 4 Aug 2011 09:21:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.76 X-Spam-Level: X-Spam-Status: No, score=-0.76 tagged_above=-999 required=5 tests=[BAYES_05=-1.11, HELO_EQ_DE=0.35] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t2uJwBFk3lrC for ; Thu, 4 Aug 2011 09:21:40 -0700 (PDT) Received: from lnx500.hrz.tu-darmstadt.de (lnx500.hrz.tu-darmstadt.de [130.83.156.225]) by ietfa.amsl.com (Postfix) with ESMTP id AF0B721F89C2 for ; Thu, 4 Aug 2011 09:21:37 -0700 (PDT) Received: from mail.cdc.informatik.tu-darmstadt.de (cdc-info.cdc.informatik.tu-darmstadt.de [130.83.167.3]) by lnx500.hrz.tu-darmstadt.de (8.14.4/8.14.4/HRZ/PMX) with ESMTP id p74GLk1T029027 for ; Thu, 4 Aug 2011 18:21:46 +0200 (envelope-from vigil@cdc.informatik.tu-darmstadt.de) Received: from lap44.cdc.informatik.tu-darmstadt.de (lap44.cdc.informatik.tu-darmstadt.de [130.83.167.44]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by mail.cdc.informatik.tu-darmstadt.de (Postfix) with ESMTP id 2636F8863F for ; Thu, 4 Aug 2011 18:21:46 +0200 (CEST) From: "Martin Augusto G. Vigil" Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Date: Thu, 4 Aug 2011 18:21:45 +0200 Message-Id: To: ltans@ietf.org Mime-Version: 1.0 (Apple Message framework v1084) X-Mailer: Apple Mail (2.1084) X-PMX-TU: seen v1.2 by 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2011.8.4.161215 X-PMX-RELAY: outgoing Subject: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2011 16:21:40 -0000 Hi, I am a PhD student and I have been working on a survey on long-term = authenticity and proof of existence. I have found many solutions (e.g. = ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, HP's = Content Integrity Service) and even acts (Sarbanes-Oxley Act, Directive = 2001/115/EC) but few real life examples in which long-term archiving is = required and was already used. May someone point some concrete examples? Kind regards, ---- Mart=EDn A. Gagliotti Vigil Technische Universit=E4t Darmstadt Cryptography and Computer Algebra Hochschulstra=DFe 10 64289 Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 From tglassey@earthlink.net Thu Aug 4 09:55:44 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD98621F8BAC for ; Thu, 4 Aug 2011 09:55:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.764 X-Spam-Level: X-Spam-Status: No, score=-3.764 tagged_above=-999 required=5 tests=[AWL=-2.654, BAYES_05=-1.11] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wOaIrP6g23oO for ; Thu, 4 Aug 2011 09:55:44 -0700 (PDT) Received: from elasmtp-curtail.atl.sa.earthlink.net (elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64]) by ietfa.amsl.com (Postfix) with ESMTP id 5AC7F21F8BAB for ; Thu, 4 Aug 2011 09:55:44 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=Uc/KXiX2fFoGa/VvFfNuMt81NpamSODBxHdFOFtxpu8Xv1tDKJ3/IUcW8pLsLnp5; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [67.180.133.66] (helo=[192.168.1.100]) by elasmtp-curtail.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1Qp1DB-0007m7-3Q for ltans@ietf.org; Thu, 04 Aug 2011 12:55:57 -0400 Message-ID: <4E3ACF39.6010309@earthlink.net> Date: Thu, 04 Aug 2011 09:56:25 -0700 From: todd glassey User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11 MIME-Version: 1.0 To: ltans@ietf.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79bd26605fe5518b9e86b5e81cf8c305ed350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 67.180.133.66 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2011 16:55:45 -0000 On 8/4/2011 9:21 AM, Martin Augusto G. Vigil wrote: > Hi, > > I am a PhD student and I have been working on a survey on long-term authenticity and proof of existence. I have found many solutions (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, Directive 2001/115/EC) but few real life examples in which long-term archiving is required and was already used. Digital Conversion of Public Records is probably the best and lowest-hanging fruit for the models possible. This includes Records Offices of Clerks and other government functions. One of the key things moving forward will be property records. The same will be true for Notaries in parts of the world where a Notary keeps a formalized copy of anything they execute. Todd > May someone point some concrete examples? > > Kind regards, > ---- > Martín A. Gagliotti Vigil > Technische Universität Darmstadt > Cryptography and Computer Algebra > Hochschulstraße 10 > 64289 Darmstadt, Germany > Room: S2/02 B216 > Tel.: +49 6151 16-5416 > > > > > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > -- Todd S. Glassey This is from my personal email account and any materials from this account come with personal disclaimers. Further I OPT OUT of any and all commercial emailings. From ejvn@sonnenglanz.net Thu Aug 4 10:55:30 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 005AD21F8853 for ; Thu, 4 Aug 2011 10:55:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.504 X-Spam-Level: X-Spam-Status: No, score=-0.504 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ryrHzVkXpDgf for ; Thu, 4 Aug 2011 10:55:29 -0700 (PDT) Received: from smtp-vbr12.xs4all.nl (smtp-vbr12.xs4all.nl [194.109.24.32]) by ietfa.amsl.com (Postfix) with ESMTP id 4888921F8610 for ; Thu, 4 Aug 2011 10:55:29 -0700 (PDT) Received: from [10.162.0.89] (palma.tarifa.biz [83.65.30.29]) (authenticated bits=0) by smtp-vbr12.xs4all.nl (8.13.8/8.13.8) with ESMTP id p74HtATL025957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 4 Aug 2011 19:55:11 +0200 (CEST) (envelope-from ejvn@sonnenglanz.net) Message-ID: <4E3ADCF5.2000206@sonnenglanz.net> Date: Thu, 04 Aug 2011 19:55:01 +0200 From: Ernst Jan van Nigtevecht User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20110624 Thunderbird/5.0 MIME-Version: 1.0 To: ltans@ietf.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Scanned: by XS4ALL Virus Scanner Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2011 17:55:30 -0000 Dear Martin, As far as I know, the British Library uses the ERS standard to proof the integrity through time of the digital collection. (I have to check for some more info; it's some time ago I heard about it.) Regards Ernst Jan On 4-8-2011 18:21, Martin Augusto G. Vigil wrote: > Hi, > > I am a PhD student and I have been working on a survey on long-term authenticity and proof of existence. I have found many solutions (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, Directive 2001/115/EC) but few real life examples in which long-term archiving is required and was already used. > > May someone point some concrete examples? > > Kind regards, > ---- > Martín A. Gagliotti Vigil > Technische Universität Darmstadt > Cryptography and Computer Algebra > Hochschulstraße 10 > 64289 Darmstadt, Germany > Room: S2/02 B216 > Tel.: +49 6151 16-5416 > > > > > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > From tglassey@earthlink.net Thu Aug 4 12:11:54 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CCFE21F87F0 for ; Thu, 4 Aug 2011 12:11:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.066 X-Spam-Level: X-Spam-Status: No, score=-4.066 tagged_above=-999 required=5 tests=[AWL=-1.467, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pmLHgc08yRDt for ; Thu, 4 Aug 2011 12:11:48 -0700 (PDT) Received: from elasmtp-junco.atl.sa.earthlink.net (elasmtp-junco.atl.sa.earthlink.net [209.86.89.63]) by ietfa.amsl.com (Postfix) with ESMTP id C7DD421F87D9 for ; Thu, 4 Aug 2011 12:11:47 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=SmKWxd9zh82OBP7hN8QHyPSj8Szc5zLyh21heGKMUCnd6OcGy2c4EFfT811GQXt7; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [67.180.133.66] (helo=[192.168.1.100]) by elasmtp-junco.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1Qp3Kq-0006Gf-Bd for ltans@ietf.org; Thu, 04 Aug 2011 15:12:00 -0400 Message-ID: <4E3AEF1C.2000809@earthlink.net> Date: Thu, 04 Aug 2011 12:12:28 -0700 From: todd glassey User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11 MIME-Version: 1.0 To: ltans@ietf.org References: <4E3ADCF5.2000206@sonnenglanz.net> In-Reply-To: <4E3ADCF5.2000206@sonnenglanz.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec795e41d130d8e672703342596e35cc1df5350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 67.180.133.66 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2011 19:11:54 -0000 On 8/4/2011 10:55 AM, Ernst Jan van Nigtevecht wrote: > Dear Martin, > As far as I know, the British Library uses the ERS standard to proof > the integrity through time of the digital collection. (I have to check > for some more info; it's some time ago I heard about it.) Hmm - according to my spies this apparently is what was used. http://www.thales-esecurity.com/EN/Products/Time%20Stamping/Time%20Stamp%20Server.aspx > > Regards > > Ernst Jan > > On 4-8-2011 18:21, Martin Augusto G. Vigil wrote: >> Hi, >> >> I am a PhD student and I have been working on a survey on long-term >> authenticity and proof of existence. I have found many solutions >> (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, >> HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, >> Directive 2001/115/EC) but few real life examples in which long-term >> archiving is required and was already used. >> >> May someone point some concrete examples? >> >> Kind regards, >> ---- >> Martín A. Gagliotti Vigil >> Technische Universität Darmstadt >> Cryptography and Computer Algebra >> Hochschulstraße 10 >> 64289 Darmstadt, Germany >> Room: S2/02 B216 >> Tel.: +49 6151 16-5416 >> >> >> >> >> >> _______________________________________________ >> ltans mailing list >> ltans@ietf.org >> https://www.ietf.org/mailman/listinfo/ltans >> > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > -- Todd S. Glassey This is from my personal email account and any materials from this account come with personal disclaimers. Further I OPT OUT of any and all commercial emailings. From aljosa@setcce.si Fri Aug 5 01:00:08 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A4F521F8B05 for ; Fri, 5 Aug 2011 01:00:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0dV702UvMV74 for ; Fri, 5 Aug 2011 01:00:03 -0700 (PDT) Received: from setcce.si (mail.setcce.si [88.200.65.130]) by ietfa.amsl.com (Postfix) with ESMTP id 239EE21F8828 for ; Fri, 5 Aug 2011 01:00:01 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Fri, 5 Aug 2011 10:00:20 +0200 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ltans] Concrete examples of long-term archiving Thread-Index: AcxS2m1qzmPKbWaxRJ6x/lMPK1wvQwAadLog References: <4E3ADCF5.2000206@sonnenglanz.net> <4E3AEF1C.2000809@earthlink.net> From: "Aljosa Jerman Blazic" To: Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2011 08:00:08 -0000 > On 8/4/2011 10:55 AM, Ernst Jan van Nigtevecht wrote: > > Dear Martin, > > As far as I know, the British Library uses the ERS standard to proof > > the integrity through time of the digital collection. (I have to check > > for some more info; it's some time ago I heard about it.) > Hmm - according to my spies this apparently is what was used. >=20 > http://www.thales- > esecurity.com/EN/Products/Time%20Stamping/Time%20Stamp%20Server.as > px This is only time-stamping device which does not implement ERS, only RFC3161 protocol (http://www.thales-esecurity.com/EN/Products/Time%20Stamping/Time%20Stam p%20Server.aspx#2). However it may be used to include archive timestamp into ERS record... That must be separate service, not part of Thales solution. BR Aljosa From liaquat.khan@ascertia.com Fri Aug 5 03:12:56 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 464F621F898E for ; Fri, 5 Aug 2011 03:12:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.495 X-Spam-Level: X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PaMI8kvT3MC4 for ; Fri, 5 Aug 2011 03:12:51 -0700 (PDT) Received: from mail.ascertia.com (unknown [94.136.44.33]) by ietfa.amsl.com (Postfix) with ESMTP id EF2A321F8426 for ; Fri, 5 Aug 2011 03:12:50 -0700 (PDT) Received: from LENOVOLK ([188.28.190.173]) by ascertia.com with MailEnable ESMTP; Fri, 5 Aug 2011 11:14:36 +0100 From: "Liaquat Khan" To: "'Aljosa Jerman Blazic'" , References: <4E3ADCF5.2000206@sonnenglanz.net> <4E3AEF1C.2000809@earthlink.net> In-Reply-To: Date: Fri, 5 Aug 2011 11:12:56 +0100 Message-ID: <00c501cc5358$4362d600$ca288200$@ascertia.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQJG1ddWi7J7qPPlJ19l09vAZJTn0gLrj7rtAf1sstMDJf89G5PYgSVg Content-Language: en-gb X-ME-Bayesian: 0.000000 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2011 10:12:56 -0000 Some clarifications, the British Library Digital Library Programme uses timestamps to satisfy the needs expressed in this publicised programme of work http://www.bl.uk/aboutus/foi/transparency/contracts/contractEIS7397.pdf This document describes the project that was awarded to Ascertia to replace the Thales DSE 200 units with Ascertia ADSS TSA Servers. The document also describes the use of evidence records to preserve the integrity of the original data. The British Library long-term archiving scheme pre-dates the ERS RFC, however a similar approach of extensible long-life timestamped evidence records are used. Other British Library publications describe their data storage approach. Regards LK -----Original Message----- From: ltans-bounces@ietf.org [mailto:ltans-bounces@ietf.org] On Behalf Of Aljosa Jerman Blazic Sent: 05 August 2011 09:00 To: ltans@ietf.org Subject: Re: [ltans] Concrete examples of long-term archiving > On 8/4/2011 10:55 AM, Ernst Jan van Nigtevecht wrote: > > Dear Martin, > > As far as I know, the British Library uses the ERS standard to proof > > the integrity through time of the digital collection. (I have to check > > for some more info; it's some time ago I heard about it.) > Hmm - according to my spies this apparently is what was used. > > http://www.thales- > esecurity.com/EN/Products/Time%20Stamping/Time%20Stamp%20Server.as > px This is only time-stamping device which does not implement ERS, only RFC3161 protocol (http://www.thales-esecurity.com/EN/Products/Time%20Stamping/Time%20Stam p%20Server.aspx#2). However it may be used to include archive timestamp into ERS record... That must be separate service, not part of Thales solution. BR Aljosa _______________________________________________ ltans mailing list ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans From tglassey@earthlink.net Fri Aug 5 07:57:25 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A060A21F8C41 for ; Fri, 5 Aug 2011 07:57:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.355 X-Spam-Level: X-Spam-Status: No, score=-3.355 tagged_above=-999 required=5 tests=[AWL=-0.756, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6LeHF+YaRstr for ; Fri, 5 Aug 2011 07:57:24 -0700 (PDT) Received: from elasmtp-galgo.atl.sa.earthlink.net (elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61]) by ietfa.amsl.com (Postfix) with ESMTP id 71BBE21F8658 for ; Fri, 5 Aug 2011 07:57:24 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=VoeeDMe2CF9KMCx8Dj40ZHO1n1OpTpwhGb9E3moyQrwgANR1sCPq4pcFbzRa3oqv; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [207.111.209.5] (helo=[192.168.1.100]) by elasmtp-galgo.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1QpLqI-0004BT-0t for ltans@ietf.org; Fri, 05 Aug 2011 10:57:42 -0400 Message-ID: <4E3C0503.9040200@earthlink.net> Date: Fri, 05 Aug 2011 07:58:11 -0700 From: todd glassey User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11 MIME-Version: 1.0 To: ltans@ietf.org References: <4E3ADCF5.2000206@sonnenglanz.net> <4E3AEF1C.2000809@earthlink.net> <00c501cc5358$4362d600$ca288200$@ascertia.com> In-Reply-To: <00c501cc5358$4362d600$ca288200$@ascertia.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79d20f8eabf84b6771ff9ccfbcdab8366a350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 207.111.209.5 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2011 14:57:25 -0000 On 8/5/2011 3:12 AM, Liaquat Khan wrote: > Some clarifications, the British Library Digital Library Programme uses > timestamps to satisfy the needs expressed in this publicised programme of > work http://www.bl.uk/aboutus/foi/transparency/contracts/contractEIS7397.pdf > > > This document describes the project that was awarded to Ascertia to replace > the Thales DSE 200 units with Ascertia ADSS TSA Servers. When did this happen? What was the date of the award? > The document also > describes the use of evidence records to preserve the integrity of the > original data. The British Library long-term archiving scheme pre-dates the > ERS RFC, however a similar approach of extensible long-life timestamped > evidence records are used. yes I know... > Other British Library publications describe > their data storage approach. > > Regards > LK > > -----Original Message----- > From: ltans-bounces@ietf.org [mailto:ltans-bounces@ietf.org] On Behalf Of > Aljosa Jerman Blazic > Sent: 05 August 2011 09:00 > To: ltans@ietf.org > Subject: Re: [ltans] Concrete examples of long-term archiving > >> On 8/4/2011 10:55 AM, Ernst Jan van Nigtevecht wrote: >>> Dear Martin, >>> As far as I know, the British Library uses the ERS standard to proof >>> the integrity through time of the digital collection. (I have to > check >>> for some more info; it's some time ago I heard about it.) >> Hmm - according to my spies this apparently is what was used. >> >> http://www.thales- >> esecurity.com/EN/Products/Time%20Stamping/Time%20Stamp%20Server.as >> px > This is only time-stamping device which does not implement ERS, only > RFC3161 protocol > (http://www.thales-esecurity.com/EN/Products/Time%20Stamping/Time%20Stam > p%20Server.aspx#2). However it may be used to include archive timestamp into > ERS record... That must be separate service, not part of Thales solution. > > BR > > Aljosa > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > -- Todd S. Glassey This is from my personal email account and any materials from this account come with personal disclaimers. Further I OPT OUT of any and all commercial emailings. From tobias.gondrom@gondrom.org Sun Aug 7 17:40:15 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1FAC21F86BF for ; Sun, 7 Aug 2011 17:40:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -93.958 X-Spam-Level: X-Spam-Status: No, score=-93.958 tagged_above=-999 required=5 tests=[AWL=-1.196, BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aF0DvTFsBIqt for ; Sun, 7 Aug 2011 17:40:14 -0700 (PDT) Received: from lvps83-169-7-107.dedicated.hosteurope.de (lvps83-169-7-107.dedicated.hosteurope.de [83.169.7.107]) by ietfa.amsl.com (Postfix) with ESMTP id 64FCF21F8548 for ; Sun, 7 Aug 2011 17:40:14 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=fZ0VVaTGGfDkjgH469xOZqaDfyhoW+M6ls/pcr3bsJPa6mVEvm3R1edPVCmgZvieEgk5cQCizUOdEo9b5YkowjEYWq0OtpQzCwpZwUKeMeyIJRdtSDm8+imgvEuhJPbr; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; Received: (qmail 24260 invoked from network); 8 Aug 2011 02:39:59 +0200 Received: from 94-194-102-93.zone8.bethere.co.uk (HELO ?192.168.1.66?) (94.194.102.93) by lvps83-169-7-107.dedicated.hosteurope.de with (DHE-RSA-AES256-SHA encrypted) SMTP; 8 Aug 2011 02:39:59 +0200 Message-ID: <4E3F305E.2030900@gondrom.org> Date: Mon, 08 Aug 2011 01:39:58 +0100 From: Tobias Gondrom User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20110627 Thunderbird/5.0 MIME-Version: 1.0 To: ltans@ietf.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Aug 2011 00:40:15 -0000 Hi Martin, in general you can find real life examples when larger organisations are dealing with critical documents (that in paper form would be signed and often documenting high value issues) for a longer time frame. For example: - the German federal government uses ERS for signed data. There is even a guideline for all German government agencies on how to use it: https://www.bsi.bund.de/ContentBSI/Publikationen/TechnischeRichtlinien/tr03125/index_htm.html (unfortunately in German, sorry) * one scenario is for example documents signed in internal workflows and documents being delivered to an agency through a so-called agency "inbox-system". - other real life examples are: * long-term storage of documents, like pension contracts, sorry can't be more specific due to confidentiality * patient records in health care (in some jurisdictions the health care provider (e.g. hospital) is responsible to guarantee the integrity and authenticity of all archived patient records for the whole lifespan of the patient (and to be able to proof that). In the past this was done via paper documents, etc. But when such an institution moves/moved to electronic records and documents, electronic signatures were used and also required ERS to protect against broken algorithms. * electronic invoices: EU directive on electronic invoices requires them to carry a qualified signature to be used for pre-tax allowances. And as in some jurisdictions it may take years until the tax auditor validates the records, signature algorithms may become weak and require ERS to renew their strength. * or think of blueprints and documentation for air-planes and ammunition during their manufacturing process, to be stored for the whole lifetime they may be in use. But to add a pinch of salt: My personal observation is that the vast majority of cases of long-term authenticity and proof of existence is still using pure simple paper documents stored somewhere physically safe in a bunker/paper archive - like we did the last few hundred years.... (Some companies/government agencies have developed the technical capabilities to do this electronically with ERS, but most of them haven't yet). Hope that helps, Tobias On 04/08/11 17:21, Martin Augusto G. Vigil wrote: > Hi, > > I am a PhD student and I have been working on a survey on long-term authenticity and proof of existence. I have found many solutions (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, Directive 2001/115/EC) but few real life examples in which long-term archiving is required and was already used. > > May someone point some concrete examples? > > Kind regards, > ---- > Martín A. Gagliotti Vigil > Technische Universität Darmstadt > Cryptography and Computer Algebra > Hochschulstraße 10 > 64289 Darmstadt, Germany > Room: S2/02 B216 > Tel.: +49 6151 16-5416 > > > > > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans From istvan.berta@microsec.hu Wed Aug 10 01:38:29 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92FAB21F86C0 for ; Wed, 10 Aug 2011 01:38:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.911 X-Spam-Level: ** X-Spam-Status: No, score=2.911 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, SARE_MILLIONSOF=0.315] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WSzZN+XyMsEz for ; Wed, 10 Aug 2011 01:38:28 -0700 (PDT) Received: from everest.microsec.hu (everest.microsec.hu [193.226.230.4]) by ietfa.amsl.com (Postfix) with ESMTP id 5988B21F8541 for ; Wed, 10 Aug 2011 01:38:27 -0700 (PDT) Received: from [10.42.223.165] (z165.e-cegjegyzek.hu [10.42.223.165]) by everest.microsec.hu (8.12.11.20060308/8.12.11/SuSE Linux 0.7) with ESMTP id p7A8cjO6016964; Wed, 10 Aug 2011 10:38:48 +0200 Message-ID: <4E4243A2.5030805@microsec.hu> Date: Wed, 10 Aug 2011 10:38:58 +0200 From: Istvan Zsolt BERTA User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20110624 Thunderbird/5.0 MIME-Version: 1.0 To: ltans@ietf.org, vigil@cdc.informatik.tu-darmstadt.de References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Aug 2011 08:38:29 -0000 Dear Martín, In Hungary, the authentic long-term archival of electronically signed documents is included in the e-signature law. Aside qualified CAs, we also have qualified archiving service providers. The Hungarian Chamber of Notaries is running an archival project since 2007. Certain classes of notarial deeds are archived electronically. The notary creates the notarial deed on paper, scans it (as PDF), signs it with her qualified electronic signature and sends it to the archives (our company is a qualified archiving service provider, we run these archives). A few million notarial deeds are archived this way currently. Notaries create their signatures in XAdES-A format, and in the archives these signatures are archived in an LTANS ERS -like format. We do not use ERS because when our system was started, ERS RFCs were not available yet, but our logic is very similar to ERS. Electronically signed documents are also used (and archived) in context of the Hungarian registry of businesses. If you want to found a company in Hungary, you need to turn to a lawyer, and your lawyer submits the necessary electronically signed documents to the business registry court. The judge at the registry court also creates an electronically signed resolution. Lawyers are required to archive these electronically signed documents, e.g. using a qualified archiving provider. This system also involves millions of documents, but only a small fraction of them is archived currently. (There are already certain resolutions that were not archived properly and their timestamps expired. They are problematic.) Unfortunately I have very little written information on this in English (our English website is rather just a placeholder): http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007) http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011) http://srv.e-szigno.hu/menu/index.php?lap=english_archiving http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry If you have any further questions, feel free to ask, and I shall do my best to answer. Regards, István 2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta: > Hi, > > I am a PhD student and I have been working on a survey on long-term > authenticity and proof of existence. I have found many solutions > (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, > HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, > Directive 2001/115/EC) but few real life examples in which long-term > archiving is required and was already used. > > May someone point some concrete examples? > > Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität > Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289 > Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 > > > > > > _______________________________________________ ltans mailing list > ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans From tglassey@earthlink.net Wed Aug 10 06:12:41 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87D2521F8749 for ; Wed, 10 Aug 2011 06:12:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.492 X-Spam-Level: X-Spam-Status: No, score=-2.492 tagged_above=-999 required=5 tests=[AWL=-2.622, BAYES_40=-0.185, SARE_MILLIONSOF=0.315] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PPV8x2fqyM7W for ; Wed, 10 Aug 2011 06:12:40 -0700 (PDT) Received: from elasmtp-galgo.atl.sa.earthlink.net (elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61]) by ietfa.amsl.com (Postfix) with ESMTP id A0D6A21F85C7 for ; Wed, 10 Aug 2011 06:12:40 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=k+2CNdzCxiYlHpdVPKCXyZF0dG/sAoIBZFmA/6GZtv4qgXMXxue7MAzq/EArFFOm; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [67.180.133.66] (helo=[192.168.1.100]) by elasmtp-galgo.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1Qr8at-00069M-Qd for ltans@ietf.org; Wed, 10 Aug 2011 09:13:11 -0400 Message-ID: <4E428403.5080203@earthlink.net> Date: Wed, 10 Aug 2011 06:13:39 -0700 From: todd glassey User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11 MIME-Version: 1.0 To: ltans@ietf.org References: <4E4243A2.5030805@microsec.hu> In-Reply-To: <4E4243A2.5030805@microsec.hu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79c4cc41eb2eb322be3d1727f9469165b9350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 67.180.133.66 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Aug 2011 13:12:41 -0000 On 8/10/2011 1:38 AM, Istvan Zsolt BERTA wrote: > > Dear Martín, > > In Hungary, the authentic long-term archival of electronically signed > documents is included in the e-signature law. Aside qualified CAs, we > also have qualified archiving service providers. > Is there a Design Specification available? Todd > > > The Hungarian Chamber of Notaries is running an archival project since > 2007. Certain classes of notarial deeds are archived electronically. > The notary creates the notarial deed on paper, scans it (as PDF), > signs it with her qualified electronic signature and sends it to the > archives (our company is a qualified archiving service provider, we > run these archives). A few million notarial deeds are archived this > way currently. > > Notaries create their signatures in XAdES-A format, and in the > archives these signatures are archived in an LTANS ERS -like format. > We do not use ERS because when our system was started, ERS RFCs were > not available yet, but our logic is very similar to ERS. > > > Electronically signed documents are also used (and archived) in > context of the Hungarian registry of businesses. If you want to found > a company in Hungary, you need to turn to a lawyer, and your lawyer > submits the necessary electronically signed documents to the business > registry court. The judge at the registry court also creates an > electronically signed resolution. > Lawyers are required to archive these electronically signed documents, > e.g. using a qualified archiving provider. This system also involves > millions of documents, but only a small fraction of them is archived > currently. (There are already certain resolutions that were not > archived properly and their timestamps expired. They are problematic.) > > > Unfortunately I have very little written information on this in > English (our English website is rather just a placeholder): > > http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007) > http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011) > http://srv.e-szigno.hu/menu/index.php?lap=english_archiving > http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry > > If you have any further questions, feel free to ask, and I shall do my > best to answer. > > Regards, > > István > > > > > > > 2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta: >> Hi, >> >> I am a PhD student and I have been working on a survey on long-term >> authenticity and proof of existence. I have found many solutions >> (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, >> HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, >> Directive 2001/115/EC) but few real life examples in which long-term >> archiving is required and was already used. >> >> May someone point some concrete examples? >> >> Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität >> Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289 >> Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 >> >> >> >> >> >> _______________________________________________ ltans mailing list >> ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > -- Todd S. Glassey This is from my personal email account and any materials from this account come with personal disclaimers. Further I OPT OUT of any and all commercial emailings. From istvan.berta@microsec.hu Fri Aug 12 08:24:42 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0D7621F89C1 for ; Fri, 12 Aug 2011 08:24:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.911 X-Spam-Level: ** X-Spam-Status: No, score=2.911 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, SARE_MILLIONSOF=0.315] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NGvYaVPp3T0d for ; Fri, 12 Aug 2011 08:24:41 -0700 (PDT) Received: from everest.microsec.hu (everest.microsec.hu [193.226.230.4]) by ietfa.amsl.com (Postfix) with ESMTP id 5EAE921F881C for ; Fri, 12 Aug 2011 08:24:40 -0700 (PDT) Received: from [10.42.223.165] (z165.e-cegjegyzek.hu [10.42.223.165]) by everest.microsec.hu (8.12.11.20060308/8.12.11/SuSE Linux 0.7) with ESMTP id p7CFPEEg001374 for ; Fri, 12 Aug 2011 17:25:16 +0200 Message-ID: <4E4545E5.9060003@microsec.hu> Date: Fri, 12 Aug 2011 17:25:25 +0200 From: Istvan Zsolt BERTA User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20110624 Thunderbird/5.0 MIME-Version: 1.0 To: ltans@ietf.org References: <4E4243A2.5030805@microsec.hu> <4E428403.5080203@earthlink.net> In-Reply-To: <4E428403.5080203@earthlink.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Aug 2011 15:24:43 -0000 Dear Todd, 2011.08.10. 15:13 keltezéssel, todd glassey írta: >> In Hungary, the authentic long-term archival of electronically signed >> documents is included in the e-signature law. Aside qualified CAs, we >> also have qualified archiving service providers. >> > Is there a Design Specification available? What do you mean on Design Specification? We have the archiving service listed in our e-signature law, and this law prescribes the requirements a qualified archiving service provider must fulfill. There is an English version here: http://www.docshare.com/doc/199777/hungary Our authorities also released some 'guidance' on the technical requirements and policy requirements, but I think they are going to be superseded by the recently released ETSI specifications: ETSI TS 101 533-1 Information Preservation Systems Security; Part 1: Requirements for Implementation and Management http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=31009 ETSI TR 101 533-2 Information Preservation Systems Security; Part 2: Guidelines for Assessors http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=34232 None of these requirements go into details like prescribing certain formats, etc. Regards, István >> >> >> The Hungarian Chamber of Notaries is running an archival project since >> 2007. Certain classes of notarial deeds are archived electronically. >> The notary creates the notarial deed on paper, scans it (as PDF), >> signs it with her qualified electronic signature and sends it to the >> archives (our company is a qualified archiving service provider, we >> run these archives). A few million notarial deeds are archived this >> way currently. >> >> Notaries create their signatures in XAdES-A format, and in the >> archives these signatures are archived in an LTANS ERS -like format. >> We do not use ERS because when our system was started, ERS RFCs were >> not available yet, but our logic is very similar to ERS. >> >> >> Electronically signed documents are also used (and archived) in >> context of the Hungarian registry of businesses. If you want to found >> a company in Hungary, you need to turn to a lawyer, and your lawyer >> submits the necessary electronically signed documents to the business >> registry court. The judge at the registry court also creates an >> electronically signed resolution. >> Lawyers are required to archive these electronically signed documents, >> e.g. using a qualified archiving provider. This system also involves >> millions of documents, but only a small fraction of them is archived >> currently. (There are already certain resolutions that were not >> archived properly and their timestamps expired. They are problematic.) >> >> >> Unfortunately I have very little written information on this in >> English (our English website is rather just a placeholder): >> >> http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007) >> http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011) >> http://srv.e-szigno.hu/menu/index.php?lap=english_archiving >> http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry >> >> If you have any further questions, feel free to ask, and I shall do my >> best to answer. >> >> Regards, >> >> István >> >> >> >> >> >> >> 2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta: >>> Hi, >>> >>> I am a PhD student and I have been working on a survey on long-term >>> authenticity and proof of existence. I have found many solutions >>> (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, >>> HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, >>> Directive 2001/115/EC) but few real life examples in which long-term >>> archiving is required and was already used. >>> >>> May someone point some concrete examples? >>> >>> Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität >>> Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289 >>> Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 >>> >>> >>> >>> >>> >>> _______________________________________________ ltans mailing list >>> ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans >> >> _______________________________________________ >> ltans mailing list >> ltans@ietf.org >> https://www.ietf.org/mailman/listinfo/ltans >> > > From tglassey@earthlink.net Fri Aug 12 12:38:48 2011 Return-Path: X-Original-To: ltans@ietfa.amsl.com Delivered-To: ltans@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4708A5E800E for ; Fri, 12 Aug 2011 12:38:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.818 X-Spam-Level: X-Spam-Status: No, score=-1.818 tagged_above=-999 required=5 tests=[AWL=-1.949, BAYES_40=-0.185, HTML_MESSAGE=0.001, SARE_MILLIONSOF=0.315] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZyIb5XohJDWQ for ; Fri, 12 Aug 2011 12:38:46 -0700 (PDT) Received: from elasmtp-junco.atl.sa.earthlink.net (elasmtp-junco.atl.sa.earthlink.net [209.86.89.63]) by ietfa.amsl.com (Postfix) with ESMTP id 1C2435E800D for ; Fri, 12 Aug 2011 12:38:46 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=nGmwEuGVwht0ERlrfeSEYQyhM4APbPGN5lyzutMCPQJbYjhnJ/XPpkMxiMH77oVw; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:X-ELNK-Trace:X-Originating-IP; Received: from [207.111.209.5] (helo=[192.168.1.100]) by elasmtp-junco.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1QrxZj-0005kT-Fd for ltans@ietf.org; Fri, 12 Aug 2011 15:39:23 -0400 Message-ID: <4E458186.6000901@earthlink.net> Date: Fri, 12 Aug 2011 12:39:50 -0700 From: todd glassey User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Lightning/1.0b2 Thunderbird/3.1.11 MIME-Version: 1.0 To: ltans@ietf.org References: <4E4243A2.5030805@microsec.hu> <4E428403.5080203@earthlink.net> <4E4545E5.9060003@microsec.hu> In-Reply-To: <4E4545E5.9060003@microsec.hu> Content-Type: multipart/alternative; boundary="------------030103090006060508090703" X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec793fdb312f4df8b958d55829c99cc86772350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 207.111.209.5 Subject: Re: [ltans] Concrete examples of long-term archiving X-BeenThere: ltans@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: LTANS Working Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Aug 2011 19:38:48 -0000 This is a multi-part message in MIME format. --------------030103090006060508090703 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit On 8/12/2011 8:25 AM, Istvan Zsolt BERTA wrote: > > Dear Todd, > > 2011.08.10. 15:13 keltezéssel, todd glassey írta: >>> In Hungary, the authentic long-term archival of electronically signed >>> documents is included in the e-signature law. Aside qualified CAs, we >>> also have qualified archiving service providers. >>> >> Is there a Design Specification available? > > What do you mean on Design Specification? We have the archiving > service listed in our e-signature law, and this law prescribes the > requirements a qualified archiving service provider must fulfill. > > There is an English version here: > http://www.docshare.com/doc/199777/hungary yes! > > Our authorities also released some 'guidance' on the technical > requirements and policy requirements, but I think they are going to be > superseded by the recently released ETSI specifications: > > ETSI TS 101 533-1 Information Preservation Systems Security; Part 1: > Requirements for Implementation and Management > http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=31009 > > ETSI TR 101 533-2 Information Preservation Systems Security; Part 2: > Guidelines for Assessors > http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=34232 http://pda.etsi.org/exchangefolder/ts_10153301v010101p.pdf This is really funny - it was written by Engineers and not Audit professionals. Its the problem with all of the ETSI Guidance about time and evidence as far as I can tell. _*What actually is UTC? *_Look for instance at A.10.10.6 - the Clock Synchronization. I bet most of the engineers who wrote this have no idea what UTC is. I mean they know it comes from the BIPM but the have no idea how the UTC values are computed or when they are computed. For instance I DONT MEAN THIS AS A NASTY COMMENT - but I bet the LTANS group (as a whole) generally doesn't know that UTC is a computed value which is produced in arrears of the moment that it is actually stated to represent. The problem is that most of the NTP team don't know this either. UTC is not a notice of now then but rather an instance in time which will be (or was) agreed to by a group of Metrological Wizards when the Circular-T work is completed and the next UTC time fixing is completed. In fact most all have no idea that the instant in the now which we think of as UTC is actually the last instance of UTC + some number of Atomic Second of incremental time. The actual UTC instant is derived from the log data submitted monthly (and that is the key concept here - monthly) by the 55 Master Timing Laboratories who participate in the generation of Schedule-T... So here is how it works - the master timing labs all submit the last months timing data to the BIPM's CIPM and the UTC team then queries IERS.ORG and a couple of other entities and poof - about thirty (30) days later - they declare a UTC timing fixing for a point in time which functionally was probably about 50 to 60 days ago... What's funnier is how spoofable GPS or even basic NTP is... these are the highly reliable transports talked about in the ETSI guidance excerpt which follows: ----------------------------------------------------- A.10.10.6 Clock synchronization Long Term Preservation specific controls: 1. The IPSP shall have in force an auditable procedure, based the outcomes of the Risk Assessment, ensuring that all the applied time references, in relation to the IPS, are reliably fetched from a trusted UTC time source and maintained unaltered throughout the entire IPS. 2. All IPSP time references shall be UTC based, e.g. "UTC+1, "UTC+2", etc., to make it possible to reconcile all of them to a consistent chronology. 3. The IPSP shall ensure that all logging records express the time in a unique manner, even when the IPSP systems are located in different time zones. NOTE: This can be achieved either by synchronising all IPS related systems on the same time zone or by explicitly stating the systems time through UTC based notation (e.g. "UTC-6"). ----------------------------------------------------- What that means is in the world of Metrology there are time-frames about what and when in the UTC process which no one sees. So how does this affect long term document storage? - Simple the timestamps need to be rewritable. > > > None of these requirements go into details like prescribing certain > formats, etc. Which is why zI pushed back to hard against the ETSI methods - they also were written by people who refused to put practice statements into them meaning they are functionally worthless. OK not worthless but pretty close. Look no use guidelines means they are incomplete standards since they leave it up to the end users to come up with their own operating models. This was always the issue with any IETF models - they simply dont come with "you use it this way" documentation which would constrain the design and its use fully. > > Regards, > > István > > > >>> >>> >>> The Hungarian Chamber of Notaries is running an archival project since >>> 2007. Certain classes of notarial deeds are archived electronically. >>> The notary creates the notarial deed on paper, scans it (as PDF), >>> signs it with her qualified electronic signature and sends it to the >>> archives (our company is a qualified archiving service provider, we >>> run these archives). A few million notarial deeds are archived this >>> way currently. >>> >>> Notaries create their signatures in XAdES-A format, and in the >>> archives these signatures are archived in an LTANS ERS -like format. >>> We do not use ERS because when our system was started, ERS RFCs were >>> not available yet, but our logic is very similar to ERS. >>> >>> >>> Electronically signed documents are also used (and archived) in >>> context of the Hungarian registry of businesses. If you want to found >>> a company in Hungary, you need to turn to a lawyer, and your lawyer >>> submits the necessary electronically signed documents to the business >>> registry court. The judge at the registry court also creates an >>> electronically signed resolution. >>> Lawyers are required to archive these electronically signed documents, >>> e.g. using a qualified archiving provider. This system also involves >>> millions of documents, but only a small fraction of them is archived >>> currently. (There are already certain resolutions that were not >>> archived properly and their timestamps expired. They are problematic.) >>> >>> >>> Unfortunately I have very little written information on this in >>> English (our English website is rather just a placeholder): >>> >>> http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007) >>> http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011) >>> http://srv.e-szigno.hu/menu/index.php?lap=english_archiving >>> http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry >>> >>> If you have any further questions, feel free to ask, and I shall do my >>> best to answer. >>> >>> Regards, >>> >>> István >>> >>> >>> >>> >>> >>> >>> 2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta: >>>> Hi, >>>> >>>> I am a PhD student and I have been working on a survey on long-term >>>> authenticity and proof of existence. I have found many solutions >>>> (e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius, >>>> HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act, >>>> Directive 2001/115/EC) but few real life examples in which long-term >>>> archiving is required and was already used. >>>> >>>> May someone point some concrete examples? >>>> >>>> Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität >>>> Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289 >>>> Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416 >>>> >>>> >>>> >>>> >>>> >>>> _______________________________________________ ltans mailing list >>>> ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans >>> >>> _______________________________________________ >>> ltans mailing list >>> ltans@ietf.org >>> https://www.ietf.org/mailman/listinfo/ltans >>> >> >> > > _______________________________________________ > ltans mailing list > ltans@ietf.org > https://www.ietf.org/mailman/listinfo/ltans > -- Todd S. Glassey This is from my personal email account and any materials from this account come with personal disclaimers. Further I OPT OUT of any and all commercial emailings. --------------030103090006060508090703 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit On 8/12/2011 8:25 AM, Istvan Zsolt BERTA wrote:

Dear Todd,

2011.08.10. 15:13 keltezéssel, todd glassey írta:
In Hungary, the authentic long-term archival of electronically signed
documents is included in the e-signature law. Aside qualified CAs, we
also have qualified archiving service providers.

Is there a Design Specification available?

What do you mean on Design Specification? We have the archiving service listed in our e-signature law, and this law prescribes the requirements a qualified archiving service provider must fulfill.

There is an English version here:
http://www.docshare.com/doc/199777/hungary
yes!

Our authorities also released some 'guidance' on the technical requirements and policy requirements, but I think they are going to be superseded by the recently released ETSI specifications:

ETSI TS 101 533-1 Information Preservation Systems Security; Part 1: Requirements for Implementation and Management
http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=31009

ETSI TR 101 533-2 Information Preservation Systems Security; Part 2: Guidelines for Assessors
http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=34232

http://pda.etsi.org/exchangefolder/ts_10153301v010101p.pdf

This is really funny - it was written by Engineers and not Audit professionals. Its the problem with all of the ETSI Guidance about time and evidence as far as I can tell.  

What actually is UTC?
Look for instance at A.10.10.6 - the Clock Synchronization. I bet most of the engineers who wrote this have no idea what UTC is. I mean they know it comes from the BIPM but the have no idea how the UTC values are computed or when they are computed.

For instance I DONT MEAN THIS AS A NASTY COMMENT - but I bet the LTANS group (as a whole)  generally doesn't know that UTC is a computed value which is produced in arrears of the moment that it is actually stated to represent.  The problem is that most of the NTP team don't know this either.

UTC is not a notice of now then but rather an instance in time which will be (or was) agreed to by a group of Metrological Wizards when the Circular-T work is completed and the next UTC time fixing is completed.  In fact most all have no idea that the instant in the now which we think of as UTC is actually the last instance of UTC + some number of Atomic Second of incremental time.

The actual UTC instant is derived from the log data submitted monthly (and that is the key concept here - monthly) by the 55 Master Timing Laboratories who participate in the generation of Schedule-T... So here is how it works - the master timing labs all submit the last months timing data to the BIPM's CIPM and the UTC team then queries IERS.ORG and a couple of other entities and poof - about thirty (30) days later - they declare a UTC timing fixing for a point in time which functionally was probably about 50 to 60 days ago...

What's funnier is how spoofable GPS or even basic NTP is... these are the highly reliable transports talked about in the ETSI guidance excerpt which follows:
-----------------------------------------------------
A.10.10.6 Clock synchronization
Long Term Preservation specific controls:
  1. The IPSP shall have in force an auditable procedure, based the outcomes of the Risk Assessment, ensuring that all the applied time references, in relation to the IPS, are reliably fetched from a trusted UTC time source and maintained unaltered throughout the entire IPS.
  2. All IPSP time references shall be UTC based, e.g. "UTC+1, "UTC+2", etc., to make it possible to reconcile all of them to a consistent chronology.
  3. The IPSP shall ensure that all logging records express the time in a unique manner, even when the IPSP systems are located in different time zones.
NOTE: This can be achieved either by synchronising all IPS related systems on the same time zone or by
explicitly stating the systems time through UTC based notation (e.g. "UTC-6").
-----------------------------------------------------
What that means is in the world of Metrology there are time-frames about what and when in the UTC process which no one sees. So how does this affect long term document storage? - Simple the timestamps need to be rewritable.


None of these requirements go into details like prescribing certain formats, etc.
Which is why zI pushed back to hard against the ETSI methods - they also were written by people who refused to put practice statements into them meaning they are functionally worthless. OK not worthless but pretty close. Look no use guidelines means they are incomplete standards since they leave it up to the end users to come up with their own operating models. This was always the issue with any IETF models - they simply dont come with "you use it this way" documentation which would constrain the design and its use fully.

Regards,

István





The Hungarian Chamber of Notaries is running an archival project since
2007. Certain classes of notarial deeds are archived electronically.
The notary creates the notarial deed on paper, scans it (as PDF),
signs it with her qualified electronic signature and sends it to the
archives (our company is a qualified archiving service provider, we
run these archives). A few million notarial deeds are archived this
way currently.

Notaries create their signatures in XAdES-A format, and in the
archives these signatures are archived in an LTANS ERS -like format.
We do not use ERS because when our system was started, ERS RFCs were
not available yet, but our logic is very similar to ERS.


Electronically signed documents are also used (and archived) in
context of the Hungarian registry of businesses. If you want to found
a company in Hungary, you need to turn to a lawyer, and your lawyer
submits the necessary electronically signed documents to the business
registry court. The judge at the registry court also creates an
electronically signed resolution.
Lawyers are required to archive these electronically signed documents,
e.g. using a qualified archiving provider. This system also involves
millions of documents, but only a small fraction of them is archived
currently. (There are already certain resolutions that were not
archived properly and their timestamps expired. They are problematic.)


Unfortunately I have very little written information on this in
English (our English website is rather just a placeholder):

http://www.berta.hu/publications/Berta2007efpe.pdf (of year 2007)
http://www.berta.hu/publications/Berta2011efpe.pdf (of year 2011)
http://srv.e-szigno.hu/menu/index.php?lap=english_archiving
http://srv.e-szigno.hu/menu/index.php?lap=english_firm_registry

If you have any further questions, feel free to ask, and I shall do my
best to answer.

Regards,

István






2011.08.04. 18:21 keltezéssel, Martin Augusto G. Vigil írta:
Hi,

I am a PhD student and I have been working on a survey on long-term
authenticity and proof of existence. I have found many solutions
(e.g. ERS, Patricia Trees, etc), projects (e.g. ArchiSig, Prokopius,
HP's Content Integrity Service) and even acts (Sarbanes-Oxley Act,
Directive 2001/115/EC) but few real life examples in which long-term
archiving is required and was already used.

May someone point some concrete examples?

Kind regards, ---- Martín A. Gagliotti Vigil Technische Universität
Darmstadt Cryptography and Computer Algebra Hochschulstraße 10 64289
Darmstadt, Germany Room: S2/02 B216 Tel.: +49 6151 16-5416





_______________________________________________ ltans mailing list
ltans@ietf.org https://www.ietf.org/mailman/listinfo/ltans

_______________________________________________
ltans mailing list
ltans@ietf.org
https://www.ietf.org/mailman/listinfo/ltans




_______________________________________________
ltans mailing list
ltans@ietf.org
https://www.ietf.org/mailman/listinfo/ltans 



-- 
Todd S. Glassey
This is from my personal email account and any materials from this account come with personal disclaimers. 

Further I OPT OUT of any and all commercial emailings.
--------------030103090006060508090703--