[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New proposal from Ronald J. Fitzherbert

Date: Tue, 03 Dec 1996 10:45:03 -0500
From: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: New proposal from Ronald J. Fitzherbert

Simon Higgs writes:
> At 8:42 PM -0500 12/2/96, Perry E. Metzger wrote:
> > Kent Crispin writes:
> > > Bet I can do that perl script quicker than Perry and Michael can get
> > > their database stuff going.
> >
> > Kent, getting a database going with the level of sophistication you
> > are talking about is idiotically trivial.
> 
> I've never heard PGP-signed NTP stamps described as "idiotically
> trivial" before.

I wouldn't recommend PGP signed NTP timestamps. They are trivial to
forge. All they prove is that you claim that something happened at a
particular time -- they don't prove that it actually happened at that
time. If one really wants an unforgeable timestamping protocol, there
is one, due to Haber and someone who's name I forget, but it requires
a central third party, at which point one must ask why not just use a
database since its simpler. (The timestamping protocol *is* pretty
neat -- it involves a "widely witnessed event" in the form of a series
of published hashes to demonstrate the ordering of events without
anyone involved being able to deny the ordering -- but it really isn't
any better than just using Oracle or something similar for this.)

Perry
Speaking for myself, and not for the IAHC

Follow-Ups:
- Re: New proposal from Ronald J. Fitzherbert
  - From: Kent Crispin <kent@songbird.com>

References:
- Re: New proposal from Ronald J. Fitzherbert
  - From: Simon Higgs <simon@higgs.com>

Prev by Date: Re: Thoughts at the moment...
Next by Date: Re: Thoughts at the moment...
Prev by thread: Re: New proposal from Ronald J. Fitzherbert
Next by thread: Re: New proposal from Ronald J. Fitzherbert
Index(es):
- Date
- Thread