what does a timestamp signature mean? [was: Re: Problem with faked-system-time option]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jun 16 20:53:34 CEST 2011


On 06/16/2011 02:27 PM, Jerome Baum wrote:

> this discussion is much more interesting. Let's keep the arguments
> about specification, usefulness, etc. out of this thread!

Actually, i think usefulness and specification are quite important.
Without them, this discussion is just noise to me.

> [dkg wrote]:
>> I don't think this is the general consensus.  Timestamps *are*
>> meaningful -- they are an assertion by the person making the signature
>> of what time they made the signature.
> 
> I would say that it's a matter of interpretation, 

I actually don't think what i said above is a matter of interpretation.

> The law tends to consider two parts:

I'm not actually on this list ("gnupg-users", ahem) to discuss the law;
can we stick to the crypto and its real-world consequences,
specifications, and usefulness (or lack thereof)?  This does mean that
we'll occasionally venture into legal territory, but (a) there are
probably many different jurisdictions represented on this list, and (b)
many of us (myself included) have little to no legal training.

> Not really. What I want is some way to say "I saw this at-or-before
> time X".

This is (roughly) what i defined as (b) later in my message.  If you'd
like to use "i saw this" instead of "i made this signature" then
fine; that's a matter of signing policy; or, you could simply make a
document that says "I saw the document with digest XXXX".  At any rate,
we're talking about what the timestamp in the signature means (or can mean).

>>  a) "This signature was made after time X-e", and
>>  b) "This signature was made before time X+e"

 [...]
> Does anyone really have an interest in proving (a) (other than to
> dispute (b), of course)?
 [...]
>> I think part (b) is much harder to prove effectively, and (alas) it's
>> probably what people really want to know.

i answered your question in the original mail here, i think.


>  Anyway, you'd have a hard time specifying (a)
> entirely, as there's the problem of choice: Do I use NYT or bitcoin's
> data?

That's not actually that hard; it's just some (somewhat political)
legwork to make sure there is a rough consensus on one decision or the
other, then making that decision, writing up the detailed specifications
publicly in an unambiguous manner.

Writing some code to make it easy to use might be hard, but specifying
it is not particularly difficult, if you decide you want it.

> As for (b), the idea behind this notation was to enable lots of
> smaller services, just like the WoT.

I'm afraid i don't see the analogy.  Can you spell out what you intend
to enable with more specifics, and why it would be useful?

> Again, wasn't the goal. As for usefulness of assertion-by-signer, see
> above for repudiating that you made/intended to make that assertion.

???  When i make a signature with a timestamp in it, i am very much
making (and intending to make) the assertion that the signature was made
at that time.  I see no repudiation in your message, only that "some
people don't know that they are making this claim".  I'd also argue that
some people don't know that when they put a date next to their
pen-and-ink signature, they're making the claim that that pen-and-ink
signature was made on that date.  But it's certainly what most of us
mean by it.

> I also doubt that OpenPGP signatures will be relevant in a proceeding
> where relativity comes into play. At least in practice.

If you say so; i'd like for the code i write to be able to work on
spacecraft or satellites at some point, so it's worth keeping the idea
in mind (again, i'm ignoring the "proceeding" remark because i'm talking
about useful, specified code, not legal proceedings)

> If you think about what a timestamp is for, usually you're not actually
> concerned with saying "I did X yesterday". You're usually concerned
> with saying "I did X within 2 weeks of your notice", or "I did X
> before you did Y". Other options include "I did X before the
> cancellation deadline" and "I did X within 2 minutes, so I was acting
> promptly and wasn't negligent".

right, and this is what i suspect you'd need a global, published
timestamping service for.  Maybe your time would be better spent working
out what such a service would look like.  If you can define the service
itself (centralized, distributed, or whatever), then you'll get a better
sense of what semantics you need from OpenPGP.  Maybe such a service
already exists!  I haven't looked for it; have you?

Regards,

	--dkg
