Exact timestamps may be bad

Werner Koch wk@gnupg.org
Mon Jul 29 18:38:02 2002


On Mon, 29 Jul 2002 17:12:21 +0200, Volker Gaibler said:

> either way there would be the possibility of a replay attack.

Please keep in mind that OpenPGP and thus GnuPG is not designed to
protect against replay attacks. 

What might make sense is to a have an option --throw-timestamps and
don't create the timestamp sub packet for v4 keys or set it to zero
for v3 keys.


Salam-Shalom,

   Werner