[ale] [OT] Preserving docs for future use as proof [Was: Re: OT got my first job as a Computer Professional *kinda*]

Pat Regan thehead at patshead.com
Wed Jul 14 23:09:23 EDT 2010


On Wed, 14 Jul 2010 20:40:04 -0400
Greg Freemyer <greg.freemyer at gmail.com> wrote:

> And a question to the group is how a PGP etc. key can be used to
> authenticate a record complete with datestamp?  If that can be done,
> that is a much better solution than sending an email to a gmail
> account.

It isn't possible to verify a timestamp on something that can be
created inside a vacuum.  As far as I know PGP does not do this, but if
it wanted to it would have to rely on communicating with some sort of
trusted third party at the time of signing.

Sending a copy to gmail reminds me of something I remember hearing when
I was a kid.  I remember someone talking about mailing a copy of
something you wanted to copyright to yourself and not opening the
envelope.  Then you'd use the postmark date as verification that the
document existed on that date.

I don't personally have any interest in proving any dates that any of
my data existed in some particular state, but...

I'm wondering which party "we" would trust for something like this.
I imagine you'd want a "signature with timestamp" from multiple
parties.  

It would probably be as simple as giving the third party the
hash of your document and having them append a timestamp to that and
sign it.

Pat


More information about the Ale mailing list