Long-term Archive and Notary Services (LTANS) Working Group Charter Review
Administrivia
• Chairs: Tobias Gondrom and Carl Wallace
• Security Area Directors: Russ Housley and Steve Bellovin
• Security Area Advisor: Russ Housley
• Mailing List
  • Discussion: ietf-ltans@imc.org
  • To Subscribe: ietf-ltans-request@imc.org, with "subscribe" in the body
  • Archive: http://www.imc.org/ietf-ltans
• Web site: http://ltans.edelweb.fr/
  • Hosted by Peter Sylvester
  • Contains charter, related documents, milestones, etc.
WG Description
• Overall aim of the WG is to define mechanisms to support the ability to prove the existence and validity of data over long periods of time
  • Made difficult by certificate expiration or revocation, cryptographic weakness, etc.
• Problem to be addressed in two parallel efforts
  • Data structures, e.g. archive time stamps
  • Protocol for interacting with an archive service
• Build on and reconcile existing work
  • RFC 3029 (DVCS), RFC 3161 (Timestamp protocol), RFC 3126 (long-term signature formats), ATS (Archive Timestamps Syntax), TAP (trusted archive protocol), etc.
  • PKIX, XMLDSIG, SMIME
  • ArchiSig, OpenEvidence, USMC PK-E
Why?
• Timestamps are not enough
  • What happens if the time-stamp algorithm in use becomes weak?
  • What happens if the hash algorithm in use is no longer reliable?
  • What happens when certificates expire or are no longer available?
  • What happens when OCSP from the trust center is no longer available?
  • ...
[Diagram: Lifetime of signed data. Stages: Creation → Signing → Storage (short/long-term) → Re-sign / generate trust. Storage options shown: normal storage; Trusted Third Party / Notary on an individual basis; mass storage and re-signing without a trusted third party.]
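The re-signing step in the lifetime diagram is what keeps a proof alive once a hash algorithm weakens or a time-stamp authority's certificate expires. The following is an added illustration (not part of the slides, and not the ATS/ERS wire format): a constructed archive time-stamp chain where each renewal covers the data plus all earlier tokens with a fresh algorithm, and verification rejects a chain whose newest link rests on a hash listed as weak. The TSA is simulated with HMAC keys, a stand-in for a real TSA's X.509 signature.

```python
import hashlib
import hmac

# Constructed stand-in for time-stamp authorities: id -> key. A real TSA
# signs with a certificate; HMAC is used here only to keep the example offline.
TSA_KEYS = {"tsa-2004": b"constructed-key-1", "tsa-2010": b"constructed-key-2"}

def tsa_sign(tsa_id, hash_name, digest):
    """Simulated time-stamp token binding a digest to a TSA and hash algorithm."""
    body = f"{tsa_id}:{hash_name}:{digest.hex()}".encode()
    mac = hmac.new(TSA_KEYS[tsa_id], body, "sha256").hexdigest().encode()
    return body + b"|" + mac

def tsa_verify(token):
    """Return (mac_ok, hash_name, digest) for a simulated token."""
    body, _, mac = token.rpartition(b"|")
    tsa_id, hash_name, digest_hex = body.decode().split(":")
    expected = hmac.new(TSA_KEYS[tsa_id], body, "sha256").hexdigest().encode()
    return hmac.compare_digest(mac, expected), hash_name, bytes.fromhex(digest_hex)

def initial_timestamp(data, tsa_id, hash_name):
    """First link: a time stamp over the hash of the archived data alone."""
    return [tsa_sign(tsa_id, hash_name, hashlib.new(hash_name, data).digest())]

def renew(chain, data, tsa_id, hash_name):
    """Renewal: before the old algorithm or TSA becomes unusable, time-stamp
    the data together with the whole previous chain using a fresh algorithm,
    so the old proof is carried forward under the new one."""
    digest = hashlib.new(hash_name, data + b"".join(chain)).digest()
    return chain + [tsa_sign(tsa_id, hash_name, digest)]

def verify_chain(chain, data, weak_hashes=()):
    """Verify every link. A weak hash is tolerated only on an older link that a
    later, still-strong time stamp covers; the newest link must be strong."""
    for i in range(len(chain) - 1, -1, -1):
        ok, hash_name, digest = tsa_verify(chain[i])
        if not ok:
            return False
        covered = data if i == 0 else data + b"".join(chain[:i])
        if hashlib.new(hash_name, covered).digest() != digest:
            return False
        if i == len(chain) - 1 and hash_name in weak_hashes:
            return False  # nothing stronger protects this proof any more
    return True
```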
First Steps
• Trusted Archive Protocol (TAP)
• Archive Time-Stamps Syntax (ATS)
• Data Validation and Certificate Server Protocols (DVCS): RFC 3029
• RFC 3126 (ETSI)
Approach
• Define requirements
• Solve the problem: choose the best solution based on the requirements
• Build the solution
Timeline
• Archive signed data
• Notary services
Working Group Milestones
(* Standards track, ** Informational)
Completed milestones: WG formation (10/21); WG meeting (today)