H-Net: Preserving and Improving Access to Specialized Electronic Mailing List Archives
H-Net Digital Preservation Policies and Procedures
Ensuring the Integrity of the H-Net E-Mail Lists
As described in the International Research on Permanent Authentic Records in Electronic Systems (InterPARES) guidelines, electronic records custodians must ensure that the records are kept free of tampering and corruption. MATRIX and H-Net are committed to ensuring the authenticity of messages on the H-Net e-mail lists through the active and ongoing use of cryptographic hash functions.
Within 24 hours of posting, the SHA-256 message digest algorithm is used to establish fixity for a message. Note that SHA-256 is currently recommended for use by the National Institute of Standards and Technology (NIST), as the more commonly used MD5 and SHA-1 cryptographic hash functions have been found vulnerable. The SHA-256 message hashes are stored in a database and used to perform fixity checks when a notebook file closes. (Notebook files contain seven days worth of messages for a given list. Refer to H-Net Message Ingest, Storage, and Retrieval Processes for an in-depth explanation of how notebook files are created and named.)
If the hashes reconcile, the closed notebook file will receive its own SHA-256 hash. Hashes will also be generated for notebook files created before April 2009, when MATRIX started using SHA-256 hashes to establish and check fixity for the messages and notebook files of the H-Net e-mail lists. All notebook file hashes will be stored in the fixity database, and notebook files will be validated using message digest calculations on a weekly basis.
The system administrator will receive an alert if either messages or notebooks do not reconcile with their established cryptographic hash functions. At this point, manual investigation and intervention on the part of the system administrator will be required to rectify the problem. All errors in message digest calculations will be logged.
Last Revised July 2009