Description
It is well known that cryptographic algorithms may become weak due to increased computational power or improved algorithms
Hence the conclusiveness of digital signatures may decrease over time …
… at least if one does not apply appropriate counter-measures such as
- Archive Time-Stamps according to XAdES / CAdES
- Evidence Records according to RFC 4998
Some EU-member-states have explicit legal stipulations for long-term archiving of qualified electronic signatures (e.g. § 17 SigV in Germany)
=> It is an obvious approach to use DSS for long term archiving of signatures and signed data
Using this presentation I would like to discuss briefly, whether it could make sense to think about creating "An Archiving Profile for OASIS DSS" and how such a profile might look like.