Long-Term Archive Service Requirements
RFC 4810

 
Document Type RFC - Informational (March 2007; No errata)
Last updated 2013-03-02
Stream IETF
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 4810 (Informational)
Responsible AD Russ Housley
Send notices to ltans-chairs@ietf.org


Network Working Group                                         C. Wallace
Request for Comments: 4810                            Cygnacom Solutions
Category: Informational                                      U. Pordesch
                                                 Fraunhofer Gesellschaft
                                                             R. Brandner
                                                   InterComponentWare AG
                                                              March 2007

                 Long-Term Archive Service Requirements

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   There are many scenarios in which users must be able to prove the
   existence of data at a specific point in time and be able to
   demonstrate the integrity of data since that time, even when the
   duration from time of existence to time of demonstration spans a
   large period of time.  Additionally, users must be able to verify
   signatures on digitally signed data many years after the generation
   of the signature.  This document describes a class of long-term
   archive services to support such scenarios and the technical
   requirements for interacting with such services.

Wallace, et al.              Informational                      [Page 1]
RFC 4810                  Archive Requirements                March 2007

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  General Principles . . . . . . . . . . . . . . . . . . . . . .  5
   4.  Technical Requirements . . . . . . . . . . . . . . . . . . . .  6
     4.1.  Enable Submission, Retrieval, and Deletion of Archived
           Data Objects . . . . . . . . . . . . . . . . . . . . . . .  6
       4.1.1.  Functional Requirements  . . . . . . . . . . . . . . .  7
       4.1.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  7
     4.2.  Operate in accordance with a long-term archive policy  . .  8
       4.2.1.  Functional Requirements  . . . . . . . . . . . . . . .  8
       4.2.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  9
     4.3.  Enable Management of Archived Data Objects . . . . . . . .  9
       4.3.1.  Functional Requirements  . . . . . . . . . . . . . . .  9
       4.3.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  9
     4.4.  Provide Evidence Records that Support Demonstration of
           Data Integrity . . . . . . . . . . . . . . . . . . . . . . 10
       4.4.1.  Functional Requirements  . . . . . . . . . . . . . . . 10
       4.4.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 10
     4.5.  Support Data Confidentiality . . . . . . . . . . . . . . . 11
       4.5.1.  Functional Requirements  . . . . . . . . . . . . . . . 11
       4.5.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 11
     4.6.  Provide Means to Transfer Data and Evidence from One
           Service to Another . . . . . . . . . . . . . . . . . . . . 11
       4.6.1.  Functional Requirements  . . . . . . . . . . . . . . . 11
       4.6.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 11
     4.7.  Support Operations on Groups of Data Objects . . . . . . . 12
       4.7.1.  Functional Requirements  . . . . . . . . . . . . . . . 12
       4.7.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 12
   5.  Operational Considerations . . . . . . . . . . . . . . . . . . 12
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 13
   7.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14
   8.  Informative References . . . . . . . . . . . . . . . . . . . . 14
   Appendix A.  Application Scenarios . . . . . . . . . . . . . . . . 15
     A.1.  Archive Service Supporting Long-Term Non-Repudiation . . . 15
     A.2.  Pure Long-Term Non-Repudiation Service . . . . . . . . . . 15
     A.3.  Long-Term Archive Service as Part of an Internal
           Network  . . . . . . . . . . . . . . . . . . . . . . . . . 15
     A.4.  Long-Term Archive External Service . . . . . . . . . . . . 15


1.  Introduction

   Digital data durability is undermined by continual progress and
   change on a number of fronts.  The useful lifetime of data may exceed
   the life span of formats and mechanisms used to store the data.  The
   lifetime of digitally signed data may exceed the validity periods of