At 4:36 PM 01/24/95, L. McCarthy wrote:
Rich Salz writes:
Shell needs public key because they want to use email for legal contracts. They've been waiting for standards to come around, but have given up. They're currently planning on using NIST's DSS, if they can fix a few things: - Add concepts of time and location (it can be important to prove that this was signed last month outside of the U.S.)
Any thoughts on how digital "place-stamping" (analogous to timestamping) might be accomplished, to authenticate the location of origin of a document ?
Well, it clearly can't be done over the internet. But it's really just a matter of putting a "place" field within the signature, in addition to the "time" one. And you'd have to trust the "stamper" to only stamp stuff as "Cleveland" that he had a way of knowing was in Cleveland. It's really up to him to figure out a way of verifying that. Maybe American Express offices will start place/time stamping, and you have to physically go to the AE office in Cleveland OH where someone takes your file and place/time stamps it. It's not as elegant as time stamping, because you really need face-to-face contact. And you need to trust the stamper not to lie about his location (I can't remember how much you need to trust a time-stamper, but I think it's less).