Subject: | |
From: | |
Reply To: | |
Date: | Sun, 18 Feb 2007 14:24:12 +1100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Natasha
This has come to me in error..
Regards
JohnD
On 17/02/2007, at 11:47 PM, A.Khramtsovsky wrote:
Hello Marian,
> I am assuming that we should retain identification credentials for as
> long as the longest retention period for the record being e-signed. <
IMHO this assumption is valid mostly for the records with short-term
retention period. In case of permanent or long-term retention,
retaining verifiable digital signatures might be too difficult and/or
costly.
See for example section VI in the following article:
http://polaris.gseis.ucla.edu/blanchette/papers/annals.pdf
Below is the quote from (unfortunately, now unavailable in Internet)
another interesting article by Arnoud Glaudemans and Reijer Rutgers (De
Nederlandsche Bank NV) entitled “Electronic Signatures And Archiving”:
“A similar view of the permanent storage of digital signatures is to be
found in the Dutch Remano guidelines, providing software specifications
regarding Records Management Applications for Dutch government
entities. Under the Remano guidelines, a test of the signature is
associated with the capture of signed records into the archiving
system. The signature is verified at the moment of capture and if no
errors are found, the (non-encrypted) document may be entered without
its signature. From that moment onwards, the guarantee of identity,
integrity, authenticity and originality is based solely on the record
management system.”
With best regards,
Natasha Khramtsovsky
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
|
|
|