Abstract
The term “digital signature” is a metaphor that seeks to describe a particular use of public key cryptography by use of the well-known “signature” term. The political direction in most parts of the world is towards wide acceptance of electronic documents, and introduction of electronic signatures to replace handwritten ones. Where security requirements of any importance exist, digital signature is the only open electronic signature mechanism. This paper examines one particular aspect of digital signature usage, long-term storage. Technical difficulties and directions towards solutions are described, and sources of requirements (legal and other) are discussed. The conclusion is that storage cannot be regarded as reliable for more than about 10 years. This may cause problems in particular to e-government but is probably sufficient in most cases.
Also part-time associate professor at the University of Tromsø, Norway.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35617-4_48
Chapter PDF
Similar content being viewed by others
References
Adams C., Cain P., Pinkas D., Zuccherato R. Internet X.509 Public Key Infrastructure Time-Stamp Protocol. RFC3161; August 2001.
Clarke R. The Fundamental Inadequacies of Conventional Public Key Infrastructure.Proceedings of the European Conference on Information Systems; June 2001; Bled.
Eastlake D., Reagle J., Solo D. XML-Signature Syntax and Processing. RFC3075; March 2001.
van Eecke P. European Legislation on Electronic Signatures, One Year after the Directive. ISSE Conference; September 2001; London.
Ellison C., Schneier B. Ten Risks of PKI: What You’re Not Being Told about Public Key Infrastructure. Computer Security Journal; v. 16 no. 1 pp 1–7; 2000.
ETSI. Electronic Signature Formats. ETSI Technical Standard TS 101 733; January 2002. (Technically equivalent to RFC3126 Electronic Signature Formats for Long Term Electronic Signatures, September 2001.)
ETSI. Signature Policies Report. ETSI Technical Report TR 102 041; February 2002.
EU. Community Framework for Electronic Signatures. Directive 1999/93/EC of the European Parliament and of the Council; December 1999.
Galtung A., Riisnxs R. Court Aspects of Digital Signatures (in Norwegian). Institute of Computers and Law; Faculty of Law; University of Oslo; March 1994.
Housley R. Cryptographic Message Syntax. RFC2630, June 1999.
ITU-T I ISO. OSI — The Directory: Authentication Framework. ITU-T X.509 I ISO/IEC 95948; 1997.
Kaliski B. PKCS#7: Cryptographic Message Syntax Version 1.5. RFC2315; March 1998.
Myers M., Ankney R., Malpani A., Galperin S., Adams C. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol — OCSP. RFC2560; June 1999.
National Archives of Norway. NOARK–4, Norwegian Archive System Version 4. Part 1:Functional Description and Requirements Specification (in Norwegian).Kommuneforlaget; ISBN 82–446–0628–2; 1999.
Nilsson H., Pinkas D. Validation of Electronic Signatures. ID2 White Paper; January 1999.
Seip A. Long–term Storage of Digitally Signed Documents (in Norwegian). NR Report 948; Norwegian Computing Centre (NR); ISBN 82–539–0451–7; November 1999.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Ølnes, J., Seip, A.B. (2003). On Long-Term Storage of Digitally Signed Documents. In: Monteiro, J.L., Swatman, P.M.C., Tavares, L.V. (eds) Towards the Knowledge Society. IFIP — The International Federation for Information Processing, vol 105. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35617-4_8
Download citation
DOI: https://doi.org/10.1007/978-0-387-35617-4_8
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6861-9
Online ISBN: 978-0-387-35617-4
eBook Packages: Springer Book Archive