The Notary Based PKI -- A Lightweight PKI for Long-term Signatures on Documents

AuthorVigil, Martín; Moecke, Cristian Thiago; Custódio, Ricardo Felipe; Volkamer, Melanie
TypeConference Proceedings
AbstractWe propose a new Public Key Infrastructure model for long-term signatures. It is based on X.509 and the real world of handwritten signatures. In the model, notaries certify that a signer’s certificate is trustworthy to verify a particular signature at a specific time. An end user issues his own X.509 certificate, whose validity period is meaningless and whose trustworthiness is accepted only if the certificate was certified by a notary. After the certification, the certificate remains trustworthy even if later keys are compromised or notaries disappear. The benefits for signed document users are: i) the maintenance of a document signature is simple and only necessary to prevent the obsolescence of cryptographic algorithms; ii) the overhead to store and verify a document signature does not increase significantly in the long term; and iii) there is only one trust decision when verifying a document signature.
InEuroPKI 2012, September 13-14, p.85-97