Evidence Record Syntax (ERS)
RFC 4998
| Document | Type |
RFC - Proposed Standard
(August 2007; No errata)
Was draft-ietf-ltans-ers (ltans WG)
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Stream | IETF | ||
| Formats | plain text pdf htmlized bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4998 (Proposed Standard) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Tim Polk | ||
| Send notices to | (None) | ||
Network Working Group T. Gondrom
Request for Comments: 4998 Open Text Corporation
Category: Standards Track R. Brandner
InterComponentWare AG
U. Pordesch
Fraunhofer Gesellschaft
August 2007
Evidence Record Syntax (ERS)
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
In many scenarios, users must be able prove the existence and
integrity of data, including digitally signed data, in a common and
reproducible way over a long and possibly undetermined period of
time. This document specifies the syntax and processing of an
Evidence Record, a structure designed to support long-term non-
repudiation of existence of data.
Gondrom, et al. Standards Track [Page 1]
RFC 4998 ERS August 2007
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. General Overview and Requirements . . . . . . . . . . . . 4
1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
1.4. Conventions Used in This Document . . . . . . . . . . . . 6
2. Identification and References . . . . . . . . . . . . . . . . 7
2.1. ASN.1 Module Definition . . . . . . . . . . . . . . . . . 7
2.1.1. ASN.1 Module Definition for 1988 ASN.1 Syntax . . . . 7
2.1.2. ASN.1 Module Definition for 1997-ASN.1 Syntax . . . . 7
2.2. ASN.1 Imports and Exports . . . . . . . . . . . . . . . . 7
2.2.1. Imports and Exports Conform with 1988 ASN.1 . . . . . 8
2.2.2. Imports and Exports Conform with 1997-ASN.1 . . . . . 8
2.3. LTANS Identification . . . . . . . . . . . . . . . . . . . 9
3. Evidence Record . . . . . . . . . . . . . . . . . . . . . . . 9
3.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.2. Generation . . . . . . . . . . . . . . . . . . . . . . . . 10
3.3. Verification . . . . . . . . . . . . . . . . . . . . . . . 11
4. Archive Timestamp . . . . . . . . . . . . . . . . . . . . . . 11
4.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 11
4.2. Generation . . . . . . . . . . . . . . . . . . . . . . . . 12
4.3. Verification . . . . . . . . . . . . . . . . . . . . . . . 15
5. Archive Timestamp Chain and Archive Timestamp Sequence . . . . 16
5.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 17
5.2. Generation . . . . . . . . . . . . . . . . . . . . . . . . 17
5.3. Verification . . . . . . . . . . . . . . . . . . . . . . . 19
6. Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 20
6.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 21
6.1.1. EncryptionInfo in 1988 ASN.1 . . . . . . . . . . . . . 21
6.1.2. EncryptionInfo in 1997-ASN.1 . . . . . . . . . . . . . 22
7. Security Considerations . . . . . . . . . . . . . . . . . . . 22
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
8.1. Normative References . . . . . . . . . . . . . . . . . . . 23
8.2. Informative References . . . . . . . . . . . . . . . . . . 24
Appendix A. Evidence Record Using CMS . . . . . . . . . . . . . . 26
Appendix B. ASN.1-Module with 1988 Syntax . . . . . . . . . . . . 27
Appendix C. ASN.1-Module with 1997 Syntax . . . . . . . . . . . . 29
Gondrom, et al. Standards Track [Page 2]
RFC 4998 ERS August 2007
1. Introduction
1.1. Motivation
In many application areas of electronic data exchange, a non-
repudiable proof of the existence of digital data must be possible.
In some cases, this proof must survive the passage of long periods of
time. An important example is digitally signed data. Digital
signatures can be used to demonstrate data integrity and to perform
source authentication. In some cases, digitally signed data must be
archived for 30 years or more. However, the reliability of digital
signatures over long periods is not absolute. During the archival
period, hash algorithms and public key algorithms can become weak or
Show full document text