The latest version was saved by David Blanco Giró on 2012-11-27 17:06:20.
This document is the English translation of the original one in Spanish ( https://www.tractis.com/contracts/588066573 ). This English translation is provided for user convenience, but it is not binding. The Spanish original is the only legally binding document between you and Tractis.
Tractis Long Term Archiving Policy
Advanced digital signatures enable the preservation of content linked together with its signer.
Moreover, the lifetime of a signature is bounded by the validity period of the certificate it was made with. Under current legislation (Spanish Law 59/2003), the maximum lifetime of an accepted certificate is 4 years, and signature evidences have to be kept for up to 15 years in some cases.
There is the possibility also that the algorithms used for making the signature might be broken after the signature was made but still during the its preservation period, which implies that even advanced electronic signatures need additional protection measures to guarantee their integrity across time.
Furthermore, there is a lot of other content that is not protected by a digital signature but that may require being preserved also.
- LTA: Long Term Archive
- SVA: Semantic Validation Authority
- TSA: Time Stamp Authority
- DPC: Data Processing Center
- Document reference: urn:tractis:pki:ltap:1.0
- Location: https://www.tractis.com/pki/ltap/1.0
3. Document objective
This document defines the characteristics of the Tractis Long Term Archive or LTA service, the security measures it provides and the service parameters governing it.
4. Service provision framework
This document extends and specifies the provisions for services based on digital signature set forth in the document Tractis Certification Practice Statement for the Long Term Archive service.
Thus, the general framework under which this service is provided is that defined by the above document, being the sole remit of this document to define those specific to the Long Term Archive or LTA service.
5. Service description
The Long Term Archive service provides a secure repository for digital content. This repository enables the application protection measures over the contents under custody in order to ensure their integrity over time.
Thus, using mechanisms based on digital signature techniques, we ensure that the content that the service returns is the same that was stored in the first place and has not been altered since.
5.1. Service motivation
There are many contents that require preservation to guarantee their integrity over time. An example of such contents would be signed documents. These documents typically require a preservation period longer than lifetime of their certificates (that does not normally exceeds 5 years). The LTA service allows for the extension of the preservation period of the signed content beyond this certificate lifetime using mechanisms that overcome this problem.
5.2. Tractis proposal
Tractis uses timestamps for protecting the stored contents and, thereby, disposes of effective mechanism for determining when this protection was added on the content.
Unfortunately, the life of a time stamp is determined by the lifetime of the certificate that is issued with, which creates a problem similar to that presented by signed documents.
To overcome this problem Tractis employs a technique known as "timestamp chains", where timestamps are chained over time in succession in such a way that the last one added protects to all the content before it, including time stamps previously added.
5.3. Service components
Tractis offers a service that allows for content archiving and later retrieval. Additionally certain search primitives and content labeling are also implemented.
All content is protected by authorization mechanisms that require client authentication for its use.
A detailed definition of the services offered, and examples of specific integrations for different programming languages appear in the section on Long Term Archive service integration of the Tractis help page on the tractis.com website.
5.4. Related infrastructure services
The LTA service employs the Tractis TSA and SVA services to generate and validate timestamps on the protected contents. The terms for both services are detailed in their respective statements of practices.
Recovery of stored content
When the client decides to recover the stored content, it will be delivered along with time stamp or stamps which were applied to it during the time period the content has been kept under custody.
In this way the customers can opt to continue preserving the content using their own means, but do not have the possibility of reinserting this content along with their time stamps back into the system.
6. Activity and audit registries
All LTA activity registries falls within the general framework for the management of activity registries defined in the Tractis CPS.
6.1. Data protection
The contents received by the file are seen by this as opaque material. No processing at all is performed on this content except that required to protect it, where the content is viewed as raw bit strings and not as interpretable data.
Furthermore, the contents are stored in Tractis infrastructure, applying the same rigor in their custody that is applied to all other data that are part of the digital signature infrastructure.
To maintain this rigor in the protection of the data we apply the same control and protection measures applied for the handling of service evidences defined in the Statement of Tractis Certification Practices.
The LTA administration deals with the processes for managing archived content, stamping policy service management and control. All management will follow the criteria for authentication and registration of events defined in the Tractis CPS.
Stamping policies define the time stamp authority or authorities to be used to issue the time stamps, and the period of time that must pass since the last stamp was applied to some content until a new one is to be applied.
For Tractis the TSA used is the Tractis TSA. The restamping period is 3 months, which means that all the TSA content will be restamped after 3 months from the last time stamp.
The administration, monitoring and maintenance of the Tractis LTA systems will be carried out only by personnel from the Tractis Core Development Team.
7. Physical security, management and operations controls
This section follows the provisions in the Tractis CPS.
8. Dispute resolution
This section follows the provisions in the Tractis CPS in the section Parties Identification for Dispute Resolution
9. Cessation of service
This section follows the provisions in the Tractis CPS. In the concrete case of the stored contents, their owners will be notified with sufficient advance by a channel is deemed appropriate, so they can retrieve them well before the service discontinuance.
10. Disaster contingencies
This section follows the provisions in the Tractis CPS.
11. Referenced documents
- DSS core 1.0 .- http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html
- ETSI TS 102 023.- Available on the ETSI website.