How does "cross certification" work in the ProofMark System?
To provide the most robust protection against the compromise of a single chain, Interval Chains may be cross-certified with other ProofMark Server instances. Cross-certification refers to the process by which one ProofMark server issues a ProofMark for another ProofMark server's Interval. The actual Cross-certifications are ProofMarks whose signed data is an Interval. Effectively, the Interval private keys from the Cross-certifying Server are used to sign the Interval public keys on the certified Server.
The Cross-certification process requires that the timestamp (from a trusted time source) of the Interval and the timestamp of the Cross-certifying server agree. That is, the difference between the two must be less than the sum of the accuracies of the two timestamps plus the time required to obtain the Cross-certification. Cross-certification can optionally be configured such that cross-certifying servers authenticate each other using additional methods, such as classic PKI certificates. Cross-certification provides independent proof of the existence of the Interval (and its public key) at a point in time. If independently operated Servers are used for Cross-certification, this creates a widely witnessed chain of proof for the Interval, greatly enhancing the trustworthiness of ProofMarks issued. It also creates a virtual web of proof across a distributed network.
In contrast to classic Public Key Infrastructure (PKI) architectures, wherein compromise of a single certificate authority (CA) can have devastating effects on overall trustworthiness, the ProofSpace system remains as "strong as its strongest link." ProofMarks issued by a ProofMark System are as trustworthy as those issued by the most reliable of the Cross-certifying Servers. This is the exact converse of PKI, which is considered as "weak as its weakest link": PKI certificates are considered only as reliable as the "weakest" cross-certifying authority.
An Interval can have any number of Cross-certifications, issued either by other servers within the same organization, or by servers in other organizations. ProofMark Servers can be configured to require a minimum number of Cross-certifications before an Interval can become active. A larger number of Cross-certifications results in a more widely witnessed chain of proof.
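The timestamp agreement rule and the minimum Cross-certification count described above can be checked together, as in the following added example (it is not ProofSpace code). All class, field and function names are hypothetical, the sample values are constructed, and counting each server only once toward the minimum is an assumption of this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Timestamp:
    seconds: float    # time reported by the trusted time source
    accuracy: float   # stated accuracy of that source, in seconds

@dataclass(frozen=True)
class CrossCert:      # hypothetical record of one Cross-certification
    server_id: str    # identity of the Cross-certifying server
    stamp: Timestamp  # timestamp recorded by the Cross-certifying server
    obtain_time: float  # seconds taken to obtain the Cross-certification

def timestamps_agree(interval: Timestamp, cert: CrossCert) -> bool:
    """Agreement rule from the text: the difference must be strictly less
    than the sum of both accuracies plus the time needed to obtain the
    Cross-certification."""
    allowed = interval.accuracy + cert.stamp.accuracy + cert.obtain_time
    return abs(cert.stamp.seconds - interval.seconds) < allowed

def witnesses(interval: Timestamp, certs: list[CrossCert]) -> list[str]:
    """Servers whose Cross-certification agrees with the Interval's time.
    Assumption: a server counts once, however many times it certified."""
    return sorted({c.server_id for c in certs if timestamps_agree(interval, c)})

def may_activate(interval: Timestamp, certs: list[CrossCert], minimum: int) -> bool:
    """Apply the configured minimum number of Cross-certifications."""
    return len(witnesses(interval, certs)) >= minimum

# Constructed sample data (not real ProofMark output).
INTERVAL = Timestamp(seconds=1000.0, accuracy=0.5)
CERTS = [
    CrossCert("server-b", Timestamp(1000.8, 0.5), 0.4),   # 0.8 < 1.4: agrees
    CrossCert("server-c", Timestamp(1003.0, 0.5), 0.4),   # 3.0 >= 1.4: rejected
    CrossCert("server-b", Timestamp(1000.9, 0.5), 0.4),   # same server again
    CrossCert("server-d", Timestamp(999.2, 0.25), 0.3),   # 0.8 < 1.05: agrees
]

if __name__ == "__main__":
    print("witnesses:", witnesses(INTERVAL, CERTS))
    for minimum in (2, 3):
        print(f"minimum={minimum} active={may_activate(INTERVAL, CERTS, minimum)}")
```

A Cross-certification whose timestamp falls outside the allowed window is simply not counted, so a server with a skewed or manipulated clock cannot help an Interval reach the activation threshold.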
Cross-certifications can also authenticate another server's time. Cross-certification also protects the archive from tampering, since the Cross-certification web extends to several archives and replicas of those archives. To falsely use the private key of an interval would require access to and control of the entire web of cross-certifying archives.