Evidence Record Syntax (ERS)
RFC 4998

| Field | Value |
|---|---|
| Type | RFC - Proposed Standard (August 2007; no errata); was draft-ietf-ltans-ers (ltans WG) |
| Authors | Tobias Gondrom, Ralf Brandner, Ulrich Pordesch |
| Last updated | 2015-10-14 |
| Stream | IETF |
| WG state | (None) |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 4998 (Proposed Standard) |
| Action Holders | (None) |
| Consensus Boilerplate | Unknown |
| Responsible AD | Tim Polk |
| Send notices to | (None) |
Network Working Group
Request for Comments: 4998
Category: Standards Track
T. Gondrom, Open Text Corporation
R. Brandner, InterComponentWare AG
U. Pordesch, Fraunhofer Gesellschaft
August 2007

Evidence Record Syntax (ERS)

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The IETF Trust (2007).

Abstract

In many scenarios, users must be able to prove the existence and integrity of data, including digitally signed data, in a common and reproducible way over a long and possibly undetermined period of time. This document specifies the syntax and processing of an Evidence Record, a structure designed to support long-term non-repudiation of existence of data.

Gondrom, et al. Standards Track [Page 1]
RFC 4998 ERS August 2007

Table of Contents

1. Introduction
1.1. Motivation
1.2. General Overview and Requirements
1.3. Terminology
1.4. Conventions Used in This Document
2. Identification and References
2.1. ASN.1 Module Definition
2.1.1. ASN.1 Module Definition for 1988 ASN.1 Syntax
2.1.2. ASN.1 Module Definition for 1997-ASN.1 Syntax
2.2. ASN.1 Imports and Exports
2.2.1. Imports and Exports Conform with 1988 ASN.1
2.2.2. Imports and Exports Conform with 1997-ASN.1
2.3. LTANS Identification
3. Evidence Record
3.1. Syntax
3.2. Generation
3.3. Verification
4. Archive Timestamp
4.1. Syntax
4.2. Generation
4.3. Verification
5. Archive Timestamp Chain and Archive Timestamp Sequence
5.1. Syntax
5.2. Generation
5.3. Verification
6. Encryption
6.1. Syntax
6.1.1. EncryptionInfo in 1988 ASN.1
6.1.2. EncryptionInfo in 1997-ASN.1
7. Security Considerations
8. References
8.1. Normative References
8.2. Informative References
Appendix A. Evidence Record Using CMS
Appendix B. ASN.1-Module with 1988 Syntax
Appendix C. ASN.1-Module with 1997 Syntax

1. Introduction

1.1. Motivation

In many application areas of electronic data exchange, a non-repudiable proof of the existence of digital data must be possible. In some cases, this proof must survive the passage of long periods of time. An important example is digitally signed data. Digital signatures can be used to demonstrate data integrity and to perform source authentication. In some cases, digitally signed data must be archived for 30 years or more. However, the reliability of digital signatures over long periods is not absolute. During the archival period, hash algorithms and public key algorithms can become weak or