PlayStation 3 predicts next US president
James A. Donald
jamesd at echeque.com
Mon Dec 3 20:28:17 EST 2007
Dirk-Willem van Gulik wrote:
>> Keep in mind that the notary is still 'careful' --
>> effectively they sign the hash -- rather than the
>> document; and state either such (e.g. in the case of
>> some software/code where you do not hand over the
>> actual code) or state that _a_ document was presented
>> with said hash.
William Allen Simpson wrote:
> And that makes all the difference. The digital notary
> is not certifying the original document. You
> described the notary generating its own tuples
> (credentials as presented, the hash, a timestamp, and
> a notarized declaration that such was presented).
> There is no problem, and the described attack does not
> apply.
The described attack does apply: The notary has
complied with normal procedures and with the rules, but
the rules and procedure fail to have the desired effect,
because an MD5 hash lacks the desired properties.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list