Menu
▾
▴
Re: [Ejbca-develop] Blockchain as a new protection mechanism for Database Integrity Protection
|
From: Tomas G. <to...@pr...> - 2018-11-02 07:42:32
|
Just sayin' :-) "...for every use of blockchain that you would consider today there is a better technology" https://www.innovationaus.com/2018/10/DTA-goes-cold-on-blockchain Using merkle trees as a technology may have some interesting aspects though. Cheers, Tomas On 2018-11-01 22:00, Jaime Hablutzel wrote: > On Fri, Oct 26, 2018, 11:34 AM Andreas Kuehne <ku...@tr... > <mailto:ku...@tr...> wrote: > > Yes, a timestamp will do, or an Evidence Record (Merkle Tree + > Timestamp). > > Compared with BlockChain the responsiveness is likely the same and > there is > no need to run an additional power plant to perform useless PoW > computations. > > Another question always nagging me: > In non-monetary scenarios why should a significant number of parties, > unrelated to the given CA, perform the mining? What could be their > payback? > > > Not 100% if this is a valid example, but what about digital certificates > to be used for authentication/signature in inter-corporation processes > where the CA is a third party to all of them?. > > > > Greetings, > > Andreas > > -----Ursprüngliche Nachricht----- > Von: Manuel Dejonghe [mailto:ma...@de... > <mailto:ma...@de...>] > Gesendet: Freitag, 26. Oktober 2018 07:32 > An: ejbca-develop <ejb...@li... > <mailto:ejb...@li...>> > Betreff: Re: [Ejbca-develop] Blockchain as a new protection > mechanism for > Database Integrity Protection > > Hi, > I think CT Logs fulfill pretty exactly those requirements, and they > do store > their info in Merkle Trees, so you're pretty close here. > > cheers, > Manuel > On Thu, 25 Oct 2018 at 19:32, Jaime Hablutzel <hab...@gm... > <mailto:hab...@gm...>> wrote: > > > > Just a quick idea right now, but, what do you think of protecting > EJBCA > records with blockchain transactions?. This way, records in EJBCA > would be > verifiable with a distributed ledger and this could help to prove the > authenticity of certain data even to third parties (e.g. > government), for > example, the exact time when a certificate got revoked in the past. > > > > I think that this could be implemented just as a new protection > version > for Database Integrity Protection > (https://www.ejbca.org/docs/EJBCA_Security.html#src-23855405_id-.EJBCASecuri > tyv6.15.0-DatabaseIntegrityProtection). > > > > What do you think?. > > > > -- > > Jaime Hablutzel - RPC 994690880 > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > <mailto:Ejb...@li...> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > <mailto:Ejb...@li...> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > <mailto:Ejb...@li...> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
