Long-Term Archive and Notary Services (ltans)
This IETF group addresses long-term archive and notary services. The kick-off meeting was at the 58th IETF in Minneapolis. The LTANS WG meeting at the 64th IETF in Vancouver is not yet scheduled. Send an email to Carl Wallace if you are interested in giving a presentation during the session.
This site (http://ltans.edelweb.fr/) provides all documents concerning this activity, and links to other related sites and projects, and to the mailing list host.
Working group description
Chairs:
Tobias Gondrom <tobias.gondrom@ixos.de>
Carl Wallace <cwallace@orionsec.com>
Area directors:
Russ Housley <housley@vigilsec.com>
Steve Bellovin <smb@research.att.com>
Security area advisor:
Russ Housley <housley@vigilsec.com>
Description of the working group
In many scenarios, users need to be able to ensure and prove the existence and validity of data, especially digitally signed data, in a common and reproducible way over a long and possibly undetermined period of time. Cryptographic means are useful, but they do not provide the whole solution. For example, digital signatures (generated with a particular key size) might become weak over time due to improved computational capabilities, new cryptanalytic attacks might "break" a digital signature algorithm, public key certificates might be revoked or expire, and so on. Complementary methods covering potential weaknesses are necessary.
Long-term non-repudiation of digitally signed data is an important aspect of PKI-related standards. Standard mechanisms are needed to handle routine events, such as expiry of signer's public key certificate and expiry of trusted time stamp authority certificate. A single timestamp is not sufficient for this purpose. Additionally, the reliable preservation of content across change of formats, application of electronic notarizations, and subsequent notary services require standard solutions.
The objective of the LTANS working group is to define requirements, data structures and protocols for the secure usage of the necessary archive and notary services. First, the requirements for the long-term archive will be collected. Based on that information we will develop a protocol to access archive services supplying long-term non-repudiation for signed documents and define common data structures and formats. Upon completion of the archive-related specifications, we will address 'notary services' in a similar way. The term 'notary services' is not clearly defined. The working group will determine which functions need standards, including transformation of documents from one format to another without losing the value of evidence, electronic notarization, and further verification of legal validity of signed documents. We will determine the needs via the requirements paper and act upon the results accordingly.
Work done by the IETF Working Groups PKIX, S/MIME and XMLDSIG will be used as the basis to define those structures and protocols. For example, the Internet-Drafts "Archive Time-Stamps Syntax (ATS)" and "Trusted Archive Protocol (TAP)" and RFC 3029, "Data Validation and Certificate Server Protocols (DVCS)", contain applicable concepts.
Goals and milestones
| Date | Action | Status |
|---|---|---|
| Sept 03 | Formation of WG | done - 21 Oct 03 |
| Nov 03 | Initial requirements for long-term archive I-D | done 12 Jan 04 |
| Dec 03 | Revised requirements for long-term archive I-D | done 6 May 04 |
| Dec 03 | Initial data structures for long-term archive I-D | |
| Dec 03 | Initial protocol for long-term archive I-D | |
| Feb 04 | Last call requirements for long-term archive I-D | |
| Mar 04 | Submit requirements for long-term archive to IESG as informational | |
| Mar 04 | Revised data structures for long-term archive I-D | |
| Mar 04 | Revised protocol for long-term archive I-D | |
| Apr 04 | Last call data structures for long-term archive I-D | |
| Apr 04 | Last call protocol for long-term archive I-D | |
| May 04 | Submit data structures for long-term archive to IESG as proposed standard | |
| May 04 | Submit protocol for long-term archive to IESG as proposed standard | |
| Jul 04 | Initial requirements for notary services I-D | done |
| Sept 04 | Revised requirements for notary services I-D | |
| Nov 04 | Last call requirements for notary services I-D | |
| Dec 04 | Submit requirements for notary services to IESG as proposed standard | |

Mailing list
A mailing list including an archive is hosted by the IMC.
General Discussion: ietf-ltans@imc.org
To Subscribe: ietf-ltans-request@imc.org and in the body: subscribe
Archive: http://www.imc.org/ietf-ltans/
Meetings
- IETF 58 meeting in Minneapolis, Nov 11, 2003
- IETF 59 meeting in Seoul, Mar 4 2004
- IETF 60 meeting in San Diego, Aug 6 2004
- IETF 61 meeting in Washington, Nov 2004
- IETF 62 meeting in Minneapolis (no ltans-wg session), Mar 2004
- IETF 63 meeting in Paris, Jul 2005
- IETF 64 meeting in Vancouver, Nov 2005
Documents
This section provides pointers to working group documents and other information.
Working group documents

| Name | Title and HTML version | Status | Date | XML |
|---|---|---|---|---|
| draft-ietf-ltans-reqs-00pre.txt | Requirements | non ietf initial draft | Nov 2003 | |
| draft-ietf-ltans-reqs-00.txt | Requirements | initial IETF draft document | Jan 2004 | |
| draft-ietf-ltans-reqs-01.txt | Requirements | current revised version | May 2004 | |
| draft-ietf-ltans-reqs-02.txt | Requirements | 2nd revision | Sep 2004 | |
| draft-ietf-ltans-reqs-03.txt | Requirements | revision | Oct 2004 | X |
| draft-ietf-ltans-reqs-04.txt | Requirements | revision | Jul 2005 | X |
| draft-ietf-ltans-reqs-05.txt | Requirements | revision | Oct 2005 | X |
| draft-ietf-ltans-ers-00.txt | Evidence Record Syntax | initial IETF draft document | Jan 2004 | |
| draft-ietf-ltans-ers-01.txt | Evidence Record Syntax | updated IETF draft document | Jul 2004 | |
| draft-ietf-ltans-ers-02.txt | Evidence Record Syntax | updated IETF draft document | Apr 2005 | |
| draft-ietf-ltans-ers-03.txt | Evidence Record Syntax | updated IETF draft document | Oct 2005 | X |
| draft-ietf-ltans-ers-04.txt | Evidence Record Syntax | updated IETF draft document | Oct 2005 | |
| draft-ietf-ltans-ers-05.txt | Evidence Record Syntax | updated IETF draft document | Feb 2006 | |
| draft-ietf-ltans-notareqs-00.txt | Notarisation Requirements | initial IETF draft document | Jul 2004 | |
| draft-ietf-ltans-notareqs-01.txt | Certification Requirements | draft document | Oct 2004 | X |
| draft-ietf-ltans-notareqs-02.txt | Certification Requirements | draft document | Jun 2005 | X |
| draft-ietf-ltans-ltap-00.txt | Archive Protocol | draft document | Jul 2005 | X |
| draft-ietf-ltans-ltap-01.txt | Archive Protocol | Updated document | Feb 2006 | X |
| draft-ietf-ltans-ers-scvp-00.txt | Retrieving ERS via SCVP | draft document | Sep 2005 | X |

Related documents
The following list contains documents produced as discussion input for this working group.
- Potentially relevant patents
- draft-brandner-etal-ats-00.txt - Archive Time-Stamps Syntax (ATS)
- draft-ietf-pkix-tap-00.txt - Trusted Archive Protocol (TAP)
- RFC 3029 - Data Validation and Certificate Server Protocols (DVCS)
- P. Sylvester: OpenEvidence Presentation at IETF 57 PKIX meeting
- L. Dostalek, M. Vohnoutova: Long Term Archive Architecture
- OpenEvidence, Cybernetica: Protocols and data formats for time stamping services
- Fischlin, Pordesch: Nonrepudiation despite Encryption.
Related Projects
If you know other documents and projects, please feel free to notify me.
AFNOR (the French ISO body) has an active working group concerning the services of an authority for evidence and proofs. They have produced initial documents, open for comments until mid-March. The documents are in French.
task force on archival of digital information
Kompetenznetzwerk Langzeitarchivierung
Maintenance of this site: Peter Sylvester <peter.sylvester@edelweb.fr>