[[!tag wishlist]]

(This is a continuation of Online secure timestamping. It is basically a brain-dump of a half-assed specification for what I would like someone to implement.)

A public notary is, basically, a professional witness. Typically, in many countries, they are bound by law to honesty, and face penalties if they break any rules. This ensures their trustworthiness.

It would occasionally be useful to have an automated notary service of sorts on the Internet. As a very basic example, it could be used to prove the contents of a Wikipedia page at a given point in time, without having to rely on Wikipedia's version control system.

Use cases

  • Albert is a freelance photographer, and wants to be able to prove he took his photographs before submitting them to some agency. He uses the DIWS to automatically gain a proof of ownership for all his photographs, as part of the photography workflow. When there is a dispute with an agency, he will provide the DIWS proof to convince the other parties of his rights.

  • Beatrice is a civil liberties activist. She often needs to be able to prove that web sites have been modified in suspicious ways. She does this by using DIWS to get timestamped proofs of their contents at various points in time. Later, the proven contents can be compared to show the modifications that were made.

  • ... is there ever a use case for just timestamping a checksum without having to prove ownership of the file from which the checksum was computed? There might be, and it's easy to support, so let's do that.

Timestamp a given file

  • User sends the contents of the file, or a checksum of the file, to the service, and the service returns a detached PGP signature for it. The signature has a timestamp.

Prove ownership of a copy of a given file

  • User computes checksum of the file.
  • User submits checksum to service.
  • Service responds with a random string.
  • User computes the checksum of the random string prepended to the file.
  • User submits second checksum to the service.
  • Service responds with a signed file listing both checksums and the timestamp.
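As an added example (not code from the original page or from any DIWS implementation), the claim/prove exchange above in Python, with the later check a third party performs against a copy of the file. The service never sees the file itself, only the two checksums, so it cannot verify the second one at claim time; it just records both checksums, the random string and the time, and signs that record. The HMAC "signature", the JSON record layout and the nonce format are assumptions standing in for the detached PGP signature the page calls for.

```python
import hashlib
import hmac
import json
import secrets
import uuid
from datetime import datetime, timezone

# Service-side secret. A real DIWS would produce a detached PGP signature;
# an HMAC over the record is an assumed stand-in so the example runs with the
# standard library only (a verifier would then need the key, unlike with PGP).
SERVICE_KEY = secrets.token_bytes(32)

# Open claims awaiting the second checksum: uuid -> (sha256(file), nonce)
_claims = {}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sign_record(record: dict) -> str:
    """Stand-in for the service's detached signature over a JSON record."""
    payload = json.dumps(record, sort_keys=True).encode()
    return hmac.new(SERVICE_KEY, payload, hashlib.sha256).hexdigest()


def verify_signature(record: dict, signature: str) -> bool:
    return hmac.compare_digest(sign_record(record), signature)


# --- service side -------------------------------------------------------

def claim(file_sha256: str) -> dict:
    """POST /claim: remember the first checksum, hand out a random string and a UUID."""
    claim_id = str(uuid.uuid4())
    nonce = secrets.token_hex(32)          # the "random string" from the page
    _claims[claim_id] = (file_sha256, nonce)
    return {"uuid": claim_id, "nonce": nonce}


def prove(claim_id: str, combined_sha256: str) -> dict:
    """POST /prove: record both checksums, the nonce and the time, sign, return."""
    file_sha256, nonce = _claims.pop(claim_id)   # KeyError for an unknown UUID
    record = {
        "uuid": claim_id,
        "sha256": file_sha256,
        "nonce": nonce,
        "nonce_sha256": combined_sha256,
        "timestamp": datetime.now(timezone.utc).isoformat(),
    }
    return {"record": record, "signature": sign_record(record)}


# --- user side ----------------------------------------------------------

def obtain_proof(file_bytes: bytes) -> dict:
    """Run the full claim/prove exchange for one file."""
    first = sha256_hex(file_bytes)
    reply = claim(first)
    # Checksum of the random string prepended to the file.
    second = sha256_hex(reply["nonce"].encode() + file_bytes)
    return prove(reply["uuid"], second)


# --- later: a third party checks the proof against a copy of the file ---

def check_proof(file_bytes: bytes, proof: dict) -> bool:
    rec = proof["record"]
    return (
        verify_signature(rec, proof["signature"])
        and rec["sha256"] == sha256_hex(file_bytes)
        and rec["nonce_sha256"] == sha256_hex(rec["nonce"].encode() + file_bytes)
    )


if __name__ == "__main__":
    photo = b"\x89PNG constructed sample photo bytes"   # constructed input
    proof = obtain_proof(photo)
    print(json.dumps(proof, indent=2))
    print("valid:", check_proof(photo, proof))
    print("tampered:", check_proof(photo + b"x", proof))
```

The second checksum is what ties the proof to the file rather than to its hash alone: whoever submitted it must have had the file in hand after the random string was issued, so a proof cannot be obtained by someone who only knows the file's checksum.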

Timestamp a website

  • User submits the URL of the web page to be timestamped, with information on what they want returned: the HTML source, a text-only rendition of the web page, or a graphical rendition of the web page.
  • Service fetches the web page (HTML plus embedded content, including CSS), builds a ZIP file of the files, signs that, and returns the detached signature to the user.
  • Optionally the service may also render the web page and generate an image file of it. If it does, it includes the rendered page in the ZIP file, with a detached signature just for the rendered page.
  • Optionally the service may render the web page into a plain text file (think "lynx -dump"), and include that file and a separate detached signature for it in the ZIP file.
  • The user may optionally also retrieve the ZIP file.

Distributed trust

  • Each service numbers all signatures it makes in consecutive order (1, 2, ...).
  • Periodically, each service timestamps one or more frequently updated news sites, and publishes the rendered page and its signature.
  • Each service publishes a summary of the signatures it has made.
  • Periodically, each service submits its summary to many other services to be signed.
  • If the number of services is large enough, and they cross-sign each other's summaries, it becomes very easy for a user to verify that a given service's timestamp happened at the claimed time.
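As an added example (not code from the original page or from any DIWS implementation), the distributed-trust scheme above in Python: each service numbers its signatures consecutively and chains each one to the previous signature, publishes a summary (count plus digest of the newest entry), and submits that summary to another service to be timestamped. A user holding an entry from service A can then check that it is covered by A's summary and that the summary was timestamped by service B, which bounds when the entry could have been made. The chaining, the summary layout and the HMAC stand-in for PGP signatures are assumptions.

```python
import hashlib
import hmac
import json
import secrets
from datetime import datetime, timezone


def digest(obj) -> str:
    """Canonical SHA-256 of a JSON-serialisable record."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


class Service:
    """One timestamping service. Every signature it makes is numbered 1, 2, ...
    and records the previous signature, so the log forms a chain."""

    def __init__(self, name: str):
        self.name = name
        self._key = secrets.token_bytes(32)  # assumed stand-in for a PGP key
        self.log = []                        # all entries, in order

    def _sign(self, record: dict) -> str:
        # HMAC stand-in for the detached PGP signature the page specifies.
        payload = json.dumps(record, sort_keys=True).encode()
        return hmac.new(self._key, payload, hashlib.sha256).hexdigest()

    def verify(self, entry: dict) -> bool:
        return hmac.compare_digest(self._sign(entry["record"]), entry["signature"])

    def timestamp(self, sha256: str) -> dict:
        """Sign a checksum as entry number len(log)+1, chained to the last one."""
        record = {
            "service": self.name,
            "number": len(self.log) + 1,
            "sha256": sha256,
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "prev": self.log[-1]["signature"] if self.log else "",
        }
        entry = {"record": record, "signature": self._sign(record)}
        self.log.append(entry)
        return entry

    def summary(self) -> dict:
        """GET /summary: number of signatures made and digest of the newest."""
        return {"service": self.name, "count": len(self.log),
                "head": digest(self.log[-1]) if self.log else ""}


def cross_sign(submitter: "Service", signer: "Service") -> tuple:
    """Submitter sends its summary to another service, which timestamps it."""
    summ = submitter.summary()
    return summ, signer.timestamp(digest(summ))


def chain_reaches(submitter: "Service", entries: list, summary: dict) -> bool:
    """A consecutive run of entries, ending at the newest, links up to the
    published summary: numbering is consecutive, each prev equals the previous
    signature, every signature verifies, and the last entry is the summary head."""
    if not entries or summary["service"] != submitter.name:
        return False
    if entries[-1]["record"]["number"] != summary["count"]:
        return False
    for earlier, later in zip(entries, entries[1:]):
        if (later["record"]["number"] != earlier["record"]["number"] + 1
                or later["record"]["prev"] != earlier["signature"]):
            return False
    return (all(submitter.verify(e) for e in entries)
            and digest(entries[-1]) == summary["head"])


def bounded_by(submitter: "Service", entries: list, summary: dict,
               signer: "Service", cross_entry: dict) -> bool:
    """User's check: entries[0] (from `submitter`) is covered by `summary`, and
    `summary` was timestamped by `signer`, so entries[0] was made no later than
    cross_entry's timestamp."""
    return (chain_reaches(submitter, entries, summary)
            and cross_entry["record"]["sha256"] == digest(summary)
            and signer.verify(cross_entry))


if __name__ == "__main__":
    a, b = Service("A"), Service("B")
    e1 = a.timestamp("aa" * 32)          # constructed checksums
    e2 = a.timestamp("bb" * 32)
    summ, cross = cross_sign(a, b)
    print("e1 bounded by B's timestamp:", bounded_by(a, [e1, e2], summ, b, cross))
    print("B signed at:", cross["record"]["timestamp"])
```

Checking an entry requires every later entry up to the summary head, which is why the page has each service publish its summary regularly; the more often summaries are cross-signed, the shorter that run is and the tighter the time bound becomes.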

HTTP operations

  • http://foo/timestamp -- POST operation, supply contents of file as "content".
  • http://foo/claim -- POST operation, supply initial checksum as "sha256". Response is a string of random bits and a UUID.
  • http://foo/prove -- POST operation, supply UUID from claim, and second checksum as "sha256".
  • http://foo/summary -- GET operation, return summary of current signatures.
  • http://foo/urlsign -- GET operation, input is a URL, return is a digital signature.

Edit: Old discussion page.