[Barker, Elaine B.] NIST Publication Announcements

Perry E. Metzger perry at piermont.com
Thu Oct 1 10:46:23 EDT 2009

Stephan Neuhaus <neuhaus at st.cs.uni-sb.de> writes:
>> I think you've abstracted away too much information to provide a
>> definite answer, but if all you want is a proof of something being
>> done at time X that'll stand up in court then what's wrong with going
>> to a notary?  This has worked just fine for... centuries? without
>> requiring the pile of Rube-Goldberg cryptoplumbing that people seem
>> to want to attach to it.
> In this case, it's because Alice and Bob are not people, but services
> in an SOA, dynamically negotiating a variation of an SLA. If that SLA
> specifies, for example, that "patient records must be deleted within
> three days of checking the patient out of the hospital", then it will
> be somewhat impractical to go to a notary public every time they
> delete a patient's record.

It is also completely impossible to prove you've deleted a
record. Someone who can read the record can always make a copy of
it. Cryptography can't fix the DRM problem.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list