timestamp (0x40) signatures?
Bernd Eckenfels
lists@lina.inka.de
Mon Mar 4 22:31:02 2002
On Mon, Mar 04, 2002 at 12:17:24PM -0500, David Shaw wrote:
> I think it would be very good to clear this up in the next OpenPGP
> draft though. A notary signature sounds very useful and if it was
> clear what it meant, then we could implement and use it :)
The question is, if a special signature packet type is needed, anyway. The
notar can simply envelop the detached signature and a time-stamp-packet with
a normal PGP signature?
BTW: for X.509/SigG Applications something similiar is a requirement: one
checks the signature of a received document and asks the CA if the
certificate is still valid (OSPC). The received statement that for a given
time/query the certificate was not revoked should be archived by the
original receiver, to proof that the signature was not revoked (this is, to
avoid re-dating of signatures, which do not eed to carry a official
timestamp according to law, yet).
I guess something similiar can be added to the OpenPGP draft as the usual
application for Timestamp signatures.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!