Internal WG Review: Long-Term Archive and Notary Services (ltans)



A new IETF working group is being considered in the Security Area. The draft charter for
this working group is provided below for your review and comment.

Review time is one week.

The IETF Secretariat.

 Long-Term Archive and Notary Services (ltans)
 ---------------------------------------------

 Current Status: Proposed Working Group 

 CHAIR(S):
 Tobias Gondrom <tobias.gondrom@ixos.de>
 Carl Wallace <cwallace@orionsec.com>

 SECURITY AREA DIRECTORS:
 Russ Housley <housley@vigilsec.com>
 Steve Bellovin <smb@research.att.com>

 SECURITY AREA ADVISOR:
 Russ Housley <housley@vigilsec.com>

 MAILING LIST:
 General Discussion: ietf-ltans@imc.org
 To Subscribe: subscribe-ietf-ltans@imc.org
 In Body: subscribe
 To Unsubscribe: unsubscribe-ietf-ltans@imc.org
 Archive: http://www.imc.org/ietf-ltans

 DESCRIPTION OF WORKING GROUP:
 In many scenarios, users need to be able to ensure and prove the existence
 and validity of data, especially digitally signed data, in a common and
 reproducible way over a long and possibly undetermined period of time.
 Cryptographic means are useful, but they do not provide the whole solution.
 For example, digital signatures (generated with a particular key size) might
 become weak over time due to improved computational capabilities, new
 cryptanalytic attacks might "break" a digital signature algorithm, public
 key certificates might be revoked or expire, and so on. Complementary
 methods covering potential weaknesses are necessary.

 Long-term non-repudiation of digitally signed data is an important aspect
 of PKI-related standards. Standard mechanisms are needed to handle routine
 events, such as expiry of signer's public key certificate and expiry of
 trusted time stamp authority certificate. A single timestamp is not
 sufficient for this purpose. Additionally, the reliable preservation of
 content across change of formats, application of electronic notarizations,
 and subsequent notary services require standard solutions.

 The objective of the LTANS working group is to define requirements, data
 structures and protocols for the secure usage of the necessary archive and
 notary services. First, the requirements for the long-term archive will be
 collected. Based on that information we will develop a protocol to access
 archive services supplying long-term non-repudiation for signed documents
 and define common data structures and formats. Upon completion of the
 archive-related specifications, we will address 'notary services' in a
 similar way. The term 'notary services' is not clearly defined. The working
 group will determine which functions need standards, including transformation
 of documents from one format to another without losing the value of evidence,
 electronic notarization, and further verification of legal validity of signed
 documents. We will determine the needs via the requirements paper and act
 upon the results accordingly.

 Work done by the IETF Working Groups PKIX, S/MIME and XMLDSIG will be used as
 the basis to define those structures and protocols. For example, the
 Internet-Drafts "Archive Time-Stamps Syntax (ATS)" and "Trusted Archive
 Protocol (TAP)" and RFC 3029, "Data Validation and Certificate Server
 Protocols (DVCS)", contain applicable concepts.

 GOALS AND MILESTONES
 Nov 03 Initial requirements for long-term archive I-D
 Dec 03 Revised requirements for long-term archive I-D
 Dec 03 Initial data structures for long-term archive I-D
 Dec 03 Initial protocol for long-term archive I-D
 Feb 04 Last call requirements for long-term archive I-D
 Mar 04 Submit requirements for long-term archive to IESG as informational
 Mar 04 Revised data structures for long-term archive I-D
 Mar 04 Revised protocol for long-term archive I-D
 Apr 04 Last call data structures for long-term archive I-D
 Apr 04 Last call protocol for long-term archive I-D
 May 04 Submit data structures for long-term archive to IESG as proposed standard
 May 04 Submit protocol for long-term archive to IESG as proposed standard
 Jul 04 Initial requirements for notary services I-D
 Sep 04 Revised requirements for notary services I-D
 Nov 04 Last call requirements for notary services I-D
 Dec 04 Submit requirements for notary services to IESG as proposed standard