[alg] OPT: Re: crypto flaw in secure mail standards (fwd)
Paul Elliott
pelliott at io.com
Sat Jun 23 11:29:58 PDT 2001
There is another problem, because the clock of a modern computer
can be set to any given time, there is no purely cryptographic
way to be satisfied that a given document existed at a given time,
if you do not trust the computer (and the person controling it)
generating the timestamp.
There is a third party solution to this problem exiting on
the internet. The "PGP Digital Timestamping Service" at
http://www.itconsult.co.uk/stamper.htm
In the general case, there is no reason to mistrust this third
party, since the service is automated, and does not have time
to scan your timestamp requests to participate in order to comspire
against you. In addition, summaries of timestamp requests are
posted to usenet newgroups, where they are presumably archived
at many archiving sites. Thus if you do carefull checking, the
only way timestamp fraud could work would be if this site, together
with all the usenet archiving sites that you checked, were engaged
in a conspiracy against you. Hopefully, you will think the probablility
of this is small.
--
Paul Elliott 1(512)837-9345 1(512)837-1096PGP Digital Timestamping Service
pelliott at io.com PMB 181, 11900 Metric Blvd Suite J
http://www.io.com/~pelliott/pme/ Austin TX 78758-3117
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks-legacy/attachments/20010623/35c837fa/attachment.sig>
More information about the cypherpunks-legacy
mailing list