Long-Term Archive Service Requirements
RFC 4810

Document type: RFC - Informational (March 2007)
Document stream: IETF
Last updated: 2013-03-02

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4810 (Informational)
Responsible AD: Russ Housley
Send notices to: ltans-chairs@tools.ietf.org

Network Working Group                                         C. Wallace
Request for Comments: 4810                            Cygnacom Solutions
Category: Informational                                      U. Pordesch
                                                 Fraunhofer Gesellschaft
                                                             R. Brandner
                                                   InterComponentWare AG
                                                              March 2007

                 Long-Term Archive Service Requirements

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   There are many scenarios in which users must be able to prove the
   existence of data at a specific point in time and be able to
   demonstrate the integrity of data since that time, even when the
   duration from time of existence to time of demonstration spans a
   large period of time.  Additionally, users must be able to verify
   signatures on digitally signed data many years after the generation
   of the signature.  This document describes a class of long-term
   archive services to support such scenarios and the technical
   requirements for interacting with such services.

Wallace, et al.              Informational                      [Page 1]
RFC 4810                  Archive Requirements                March 2007

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  General Principles . . . . . . . . . . . . . . . . . . . . . .  5
   4.  Technical Requirements . . . . . . . . . . . . . . . . . . . .  6
     4.1.  Enable Submission, Retrieval, and Deletion of Archived
           Data Objects . . . . . . . . . . . . . . . . . . . . . . .  6
       4.1.1.  Functional Requirements  . . . . . . . . . . . . . . .  7
       4.1.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  7
     4.2.  Operate in accordance with a long-term archive policy  . .  8
       4.2.1.  Functional Requirements  . . . . . . . . . . . . . . .  8
       4.2.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  9
     4.3.  Enable Management of Archived Data Objects . . . . . . . .  9
       4.3.1.  Functional Requirements  . . . . . . . . . . . . . . .  9
       4.3.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . .  9
     4.4.  Provide Evidence Records that Support Demonstration of
           Data Integrity . . . . . . . . . . . . . . . . . . . . . . 10
       4.4.1.  Functional Requirements  . . . . . . . . . . . . . . . 10
       4.4.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 10
     4.5.  Support Data Confidentiality . . . . . . . . . . . . . . . 11
       4.5.1.  Functional Requirements  . . . . . . . . . . . . . . . 11
       4.5.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 11
     4.6.  Provide Means to Transfer Data and Evidence from One
           Service to Another . . . . . . . . . . . . . . . . . . . . 11
       4.6.1.  Functional Requirements  . . . . . . . . . . . . . . . 11
       4.6.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 11
     4.7.  Support Operations on Groups of Data Objects . . . . . . . 12
       4.7.1.  Functional Requirements  . . . . . . . . . . . . . . . 12
       4.7.2.  Rationale  . . . . . . . . . . . . . . . . . . . . . . 12
   5.  Operational Considerations . . . . . . . . . . . . . . . . . . 12
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 13
   7.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14
   8.  Informative References . . . . . . . . . . . . . . . . . . . . 14
   Appendix A.  Application Scenarios . . . . . . . . . . . . . . . . 15
     A.1.  Archive Service Supporting Long-Term Non-Repudiation . . . 15
     A.2.  Pure Long-Term Non-Repudiation Service . . . . . . . . . . 15
     A.3.  Long-Term Archive Service as Part of an Internal
           Network  . . . . . . . . . . . . . . . . . . . . . . . . . 15
     A.4.  Long-Term Archive External Service . . . . . . . . . . . . 15

1.  Introduction

   Digital data durability is undermined by continual progress and
   change on a number of fronts.  The useful lifetime of data may exceed
   the life span of formats and mechanisms used to store the data.  The
   lifetime of digitally signed data may exceed the validity periods of
