Comments on: Wacky Business Idea #17: Timestamp, Inc. / Notary.com

By: Anurag

Anurag — Fri, 16 Dec 2011 18:23:39 +0000

Have you read http://en.wikipedia.org/wiki/Linked_timestamping a better secure and simpler way

By: David

David — Wed, 27 Jul 2011 20:04:34 +0000

You are a describing digital signature service. They are tons of them, including adobe for all your pdf’s (and anything else you want to sign). They are considered legal signatures with timestamps for electronic documents. You just get it digitally signed and email it directly to the recipient. The signature is for that specific document, if the document is modified the signature is not valid and an original copy must be obtained. Word has had native support since 2003 and the DS services have been around since at least 2000. Not sure when this was posted, but the blog is copyright 2007-2011. You might have trouble making money in this market without a name like Adobe or VeriSign.

By: Mr. Cheap

Mr. Cheap — Tue, 17 Mar 2009 12:27:11 +0000

TSrump: Yes, there are limits to WHAT part of a person’s identity this method is verifying (their e-mail address and phone number).

By: Mr. Cheap

Mr. Cheap — Tue, 17 Mar 2009 03:19:20 +0000

Jordan & Jean-Philippe Daigle: Yes, you’re absolutely right that a hash could be used instead of the document for most operations (and would have the added value of letting the customers control their security themselves). The service *COULD* offer security and backup for the document (which the user could then delete on their end) for customers who weren’t comfortable doing this themselves.

Timestamping hashes would be basically free for the company if they did automated phone authentication. As you suggest, this authentication could easily outlive the company…

TMW: One advantage of a centralized system (beyond saving the $500 / hour) is removing any doubt that the law firm itself “adjusted” the document…

By: Jean-Philippe Daigle

Jean-Philippe Daigle — Tue, 17 Mar 2009 00:14:11 +0000

You wouldn�t even have to send full documents in to time stamp them, just a hash value of the documents content would be enough proof and would also require far less resources to operate.

I came in to post exactly this. For the core part of the service, your trusted authenticator only ever needs to sign a hash of the document + the current timestamp, it never needs the full document or any long-term storage whatsoever (releasing of documents in the future, as hinted, is another story). I’m surprised the post author didn’t present it this way – The trusted party doesn’t even need to remember how many hashes it signed, it can be completely stateless.

You would also need to convince users that your system will continue to exists indefinitely. If there�s any doubts about your ability to stay in business it would severely undermine you.

In addition, it’s not necessary for the service to remain in operation forever, as it publishes the public part of its signing key – as far in the future as you’re willing to trust that certificate, once it’s been published you don’t need the trusted service anymore, as you can verify that it signed a document hash and timestamp.

By: Thicken My Wallet

Thicken My Wallet — Mon, 16 Mar 2009 18:56:04 +0000

You have to be in a lawyer’s presence to have documents notarized so you can’t do that part of your idea.

…however, as I mentioned before, your ideas are not wacky but good. A lot of law firms have a similar system for their clients. You access a site and login and it has all of your documents listed with date created and the lawyer who drafted the document. Now, they are charging you $500 + per hour so that is what may make the economics work…

By: Jordan

Jordan — Mon, 16 Mar 2009 18:07:10 +0000

I’d say it’s the best wacky business idea I’ve read so far.

Sounds like a good service to add on top of Thawte’s ‘web of trust’ where you already have a public/private encryption key to identify people. You wouldn’t even have to send full documents in to time stamp them, just a hash value of the documents content would be enough proof and would also require far less resources to operate.

I think the business model could be to offer a completely free service to individuals, including a full API to be used by third party sites and services to grow the reputation and support. Revenue would come from charging a corp license.

By: Mr. Cheap

Mr. Cheap — Mon, 16 Mar 2009 17:48:38 +0000

MJ: Yes, I think that’s probably the “deal breaker” with this. There isn’t a lot of money to be made, but it demands a “big and stable” image (so users know you’ll stick around and maintain their documents for a long time).

Maybe there’s no middle ground where this would work…

By: Michael James

Michael James — Mon, 16 Mar 2009 16:08:27 +0000

Actually back in the 80s and 90s as technology advanced enough to make public key cryptography (for digital signatures) more practical, many people considered running a business similar to what you describe including my former employer. As far as I know, nobody ever made a serious effort. We didn’t do it mainly because there didn’t seem to be a way to make much money at it. Maybe it would work better for an operation employing only a couple of people.