[Barker, Elaine B.] NIST Publication Announcements

Stephan Neuhaus neuhaus at st.cs.uni-sb.de
Thu Oct 1 03:48:47 EDT 2009

On Sep 30, 2009, at 06:25, Peter Gutmann wrote:

> Stephan Neuhaus <neuhaus at st.cs.uni-sb.de> writes:
>> Is there something that could be done that would *not* require a  
>> TTA? (I have
>> almost given up on this, but it doesn't hurt to ask.)
> I think you've abstracted away too much information to provide a  
> definite
> answer, but if all you want is a proof of something being done at  
> time X
> that'll stand up in court then what's wrong with going to a notary?   
> This has
> worked just fine for... centuries? without requiring the pile of  
> Rube-Goldberg
> cryptoplumbing that people seem to want to attach to it.

In this case, it's because Alice and Bob are not people, but services  
in an SOA, dynamically negotiating a variation of an SLA. If that SLA  
specifies, for example, that "patient records must be deleted within  
three days of checking the patient out of the hospital", then it will  
be somewhat impractical to go to a notary public every time they  
delete a patient's record.

I completely agree with your sentiment that "cryptoplumbing" should  
not be used when there are other working solutions, but in this case,  
I think it will be unavoidable.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list