2.6.7 Long-Term Archive and Notary Services (ltans)

NOTE: This charter is a snapshot of the 61st IETF Meeting in Washington, DC USA. It may now be out-of-date.

Last Modified: 2004-09-07

Chair(s):

Carl Wallace <cwallace@orionsec.com>
Tobias Gondrom <tobias.gondrom@ixos.de>

Security Area Director(s):

Russell Housley <housley@vigilsec.com>
Steven Bellovin <smb@research.att.com>

Security Area Advisor:

Russell Housley <housley@vigilsec.com>

Mailing Lists:

General Discussion: ietf-ltans@imc.org
To Subscribe: ietf-ltans-request@imc.org
In Body: subscribe
Archive: http://www.imc.org/ietf-ltans

Description of Working Group:

In many scenarios, users need to be able to ensure and prove the
existence and validity of data, especially digitally signed data, in a
common and reproducible way over a long and possibly undetermined period
of time.

Cryptographic means are useful, but they do not provide the whole
solution. For example, digital signatures (generated with a particular
key size) might become weak over time due to improved computational
capabilities, new cryptanalytic attacks might "break" a digital
signature algorithm, public key certificates might be revoked or expire,
and so on.

Complementary methods covering potential weaknesses are necessary.

Long-term non-repudiation of digitally signed data is an important
aspect of PKI-related standards. Standard mechanisms are needed to
handle routine events, such as expiry of signer's public key certificate
and expiry of trusted time stamp authority certificate. A single
timestamp is not sufficient for this purpose. Additionally, the reliable
preservation of content across change of formats, application of
electronic notarizations, and subsequent notary services require
standard solutions.

The objective of the LTANS working group is to define requirements, data
structures and protocols for the secure usage of the necessary archive
and notary services. First, the requirements for the long-term archive
will be collected. Based on that information we will develop a protocol
to access archive services supplying long-term non-repudiation for
signed documents and define common data structures and formats. Upon
completion of the archive-related specifications, we will address
'notary services' in a similar way. The term 'notary services' is not
clearly defined. The working group will determine which functions need
standards, including transformation of documents from one format to
another without losing the value of evidence, electronic notarization,
and further verification of legal validity of signed documents. We will
determine the needs via the requirements paper and act upon the results
accordingly.

Work done by the IETF Working Groups PKIX, S/MIME and XMLDSIG will be
used as the basis to define those structures and protocols. For example,
the Internet-Drafts "Archive Time-Stamps Syntax (ATS)" and "Trusted
Archive Protocol (TAP)" and RFC 3029, "Data Validation and Certificate
Server Protocols (DVCS)", contain applicable concepts.

Goals and Milestones:

Done  Initial requirements for long-term archive I-D
Done  Initial data structures for long-term archive I-D
Apr 04  Last call requirements for long-term archive I-D
Apr 04  Revised requirements for long-term archive I-D
May 04  Revised data structures for long-term archive I-D
May 04  Initial requirements for notary services I-D
Jun 04  Initial protocol for long-term archive I-D
Jun 04  Last call data structures for long-term archive I-D
Jul 04  Submit requirements for long-term archive to IESG as informational
Jul 04  Submit data structures for long-term archive to IESG as proposed standard
Aug 04  Revised requirements for notary services I-D
Aug 04  Protocol revisions for long-term archive I-D
Sep 04  Last call protocol for long-term archive I-D
Sep 04  Last call requirements for notary services I-D
Oct 04  Submit protocol for long-term archive to IESG as proposed standard
Oct 04  Submit requirements for notary services to IESG as proposed standard

Internet-Drafts:

  • draft-ietf-ltans-reqs-03.txt
  • draft-ietf-ltans-ers-01.txt
  • draft-ietf-ltans-notareqs-01.txt

    No Request For Comments

    Current Meeting Report


    LTANS meeting minutes

    Wallace: WG status and Archive Requirements document status briefings

    - Abandoned aggressive schedule

    - Three working group documents in progress: Archive Requirements document, ERS and Notary document

    - Agreement: Requirements document can assert that both crypto and non-crypto are ok, but the WG work will focus on crypto mechanisms. (SC: question what about 2 of 2 with a random stream for XOR will that meet the requirement?)

    - What is Archive Policy? Is this recertification/timing policy. Timing and mechanism (signature based or hash based time stamp) and access control and access policy. Who is allowed to change archivation period is access control policy?

    Masinter: Notary Services discussion

    - Definition of notary debate, name being changed to data certification and validation services

    - Went through the document

    - Can a human notary use the document to perform their services

    - Trials in CA on electronic notary. We do not know what it is: electronic assistance to notary, replacement of notary.

    - Went through use cases of human notary and how electronic notary will do it.

    - Specific workflows in the Notary document

    - DVCS is proposed as a place to build on. Is there any prohibition on moving it from PKIX to LTANS. PKIX mail list should be asked. It seems to be experimental RFC and hence ok.

    - How we got to data certification from notary?

    - Long term trusted third party certification

    - Debate with Chokhani on Archiving Vs. Notary. Not sure what the conclusion.

    - Russ: Are you happy with the outcome.

    - Larry: Seem to be happy with single service that offers archival and notary. He felts that they go hand in hand in the sense that there is no benefit to electronic notary without long temr archive.

    - Carl calls on OASIS and W3 No response.

    - Collapse the archive and notary requirements document into one.

    - Russ: When will the documents be coming to IESG for approval?

    - Carl: Most likely not before Minneapolis. Need WG consensus first.





    Slides

    LTANS WG Status
    Long-term Archive Service Requirements