[144914] in cryptography@c2.net mail archive
Re: [Barker, Elaine B.] NIST Publication Announcements
daemon@ATHENA.MIT.EDU (Stephan Neuhaus)
Thu Oct 1 10:58:34 2009
Cc: perry@piermont.com, cryptography@metzdowd.com
From: Stephan Neuhaus <neuhaus@st.cs.uni-sb.de>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
In-Reply-To: <E1Msql5-0006MG-DG@wintermute01.cs.auckland.ac.nz>
Date: Thu, 1 Oct 2009 09:48:47 +0200
On Sep 30, 2009, at 06:25, Peter Gutmann wrote:
> Stephan Neuhaus <neuhaus@st.cs.uni-sb.de> writes:
>
>> Is there something that could be done that would *not* require a
>> TTA? (I have
>> almost given up on this, but it doesn't hurt to ask.)
>
> I think you've abstracted away too much information to provide a
> definite
> answer, but if all you want is a proof of something being done at
> time X
> that'll stand up in court then what's wrong with going to a notary?
> This has
> worked just fine for... centuries? without requiring the pile of
> Rube-Goldberg
> cryptoplumbing that people seem to want to attach to it.
In this case, it's because Alice and Bob are not people, but services
in an SOA, dynamically negotiating a variation of an SLA. If that SLA
specifies, for example, that "patient records must be deleted within
three days of checking the patient out of the hospital", then it will
be somewhat impractical to go to a notary public every time they
delete a patient's record.
I completely agree with your sentiment that "cryptoplumbing" should
not be used when there are other working solutions, but in this case,
I think it will be unavoidable.
Fun,
Stephan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
