| Abstract | Digital archives rely on trusted parties, such as Certification
Authorities, to ensure authenticity, integrity and proof of existence
protection for documents. In this paper, we analyse the trust assumptions
that a verifier has to make in order to trust in the protection of a
document. We show that trust fades out in the long term due to the
ever-growing number of trusted parties. Despite of such a dire prospect,
current technologies, such as X.509 PKI, do not assess trust, thereby
leaving verifiers in the dark. We present a certification scheme for
documents that provides verifiers with a better assessment of trust than in
X.509 PKI. In the proposed scheme, trusted parties are rated based on the
correctness of their performance. From the ratings, verifiers can assess
quantitatively the trust in the trusted parties for the short term, and in
the protection of documents for the long term. The proposed scheme
encourages trusted parties to work properly. |
|---|
