Series of minor questions about OpenPGP 2

[David Shaw]

On Jan 26, 2009, at 6:20 PM, Peter Thomas wrote:

>> It's used for designated revocation signatures.  There is no reason
>> why it *couldn't* be used for key expiration or key flags, but 0x13
>> works just as well for this.  OpenPGP supports both 0x1F and 0x13
>> (0x10, 0x11, 0x12), and historically people used 0x13, so there was
>> never a real reason to change.
> Ok,.. I'll come back to this later when I ask some stuff about
> signature subpackets.
> Would gnupg understand these subpackets in a 0x1F signature?

Yes.  It's a valid key as per the spec, even though no program  
actually generates such a key that I know of.  Note that I can't make  
that same guarantee for other programs.  I suspect they'd work, but  
you'd have to check to be sure.

>> It's a Notary signature.  For example: Alice writes a document.  She
>> later wants to be able to prove when it was written.  Obviously we
>> can't trust Alice's signature to prove that since she can set her
>> clock to whatever she likes.  We can, however, trust the notary (or
>> many notaries).  Alice signs the document, and then brings the
>> signature to the Notary.  The Notary verifies that the signature is
>> sane (i.e. the date is current) and then signs the signature (with an
>> 0x50).  Alice gets her proof, and significantly does not have to show
>> the Notary her original document.
> Ah,.. now I understand :-) So it's somehow comparable to the timestamp
> signatures, isn't it?

They are similar, except that a timestamp signature is presumed to be  
over actual data.  A notary signature is made over another signature.

David