> On Wed, 17 Jan 1996, Alex French wrote: > > This is a little off the point, but does anyone know any secure > > time-stamping systems for e-mail on a UNIX system? > There is also a service that will time-stamp email for you. The URL is: > http://www.itconsult.co.uk/stamper.htm i also recommend to your attention the Digital Notary Service of Surety Technologies, which is based on a set of really cute hacks invented by Stuart Haber and Scott Stornetta when they were at Bellcore see http://www.surety.com an few excerpts from their faq: Q. How does the Digital Notary Service work? Using the Digital Notary Software Developer's Kit, you can integrate the Service into your enterprise. Each electronic record that you generate will automatically be certified. The Service does this by automatically producing a short, unique "fingerprint" of your document through a mathematical process called "one-way hashing." This fingerprint alone contains no information about your original document; in other words, it can't be reverse-engineered. The Digital Notary Server software running on your computer then uses a patented synchronization protocol to transmit this fingerprint (via Internet, dial-up, or leased line) to a Coordinating Server or CS. The CS software mathematically links your certified records with all other records certified within a common one-second time interval. Next, unique identifying information about your records is transmitted back to your application. The Digital Notary program then issues an electronic, time-stamped certificate for your records. This certificate, which is actually a small electronic file, is automatically stored in your designated local database. During this entire process,your actual record never leaves your hands; only the fingerprint and other mathematical and timing information are transmitted outside the walls of your company. Later (which could be minutes, months, or years), anyone who needs to verify the integrity of a certified digital document uses the Digital Notary Service to validate that document. The Service quickly informs the user if the record in question is valid or whether, instead, it has been altered in content or time. Q. How do I know that Surety itself won't backdate a certificate? Because the nature of our patented Service means that we could not backdate a certificate even if we tried our hardest. We like to say that "You can trust us because you don't have to." In fact, even if we collaborated with the certificate holder, we could not backdate the certificate. The Service's patented mathematical algorithms ensure that no one will be able to backdate any certified document. In addition, Surety maintains a Universal Validation Record that mathematically links together all certified records. Since the Record contains no information whatsoever about our customers or their documents, we will also publish certain of its contents at regular intervals on the Internet and in The New York Times. These public, widely-witnessed publishing events will irrevocably link the Record, and every document represented in that Record, with the contents of dated publications available on a world-wide basis. Falsifying the Record would mean not only surmounting impossible mathematical odds, but also altering the contents of already existing , widely-distributed copies of The New York Times. That's what we mean when we say the Record is truly unimpeachable. Q. So exactly how tamperproof is the Service? Much more secure than even the most secret banking or government transactions. That's because major banks and government agencies utilize one-way hashing algorithms to secure their most important transactions. In fact, one such algorithm, called SHA or SHS, was designed by a super-secret government security agency. Digital Notary Service uses two one-way hashing algorithms (SHA and another one called MD5) to protect each and every document. Moreover, we have developed techniques that will enable us to incorporate even more secure algorithmic methods as they are developed. So even if MD5 and SHS were replaced by better methods, we could easily use them and continue to offer the highest possible level of security for digital documents. Our using these methods means that Digital Notary certificates provide a level of document unimpeachability unmet by any industry today.