David T-G
Wed May 22 15:06:01 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Aurelio --

First, IANAL and I have no practical experience.  That said, though, ...

=2E..and then Aurelio Turco said...
% First party sends clear text to second party
% or publishes it for the public at large.
% Third party sees the data and claims authorship.
% Plagiarism.

Right.  What you must do is establish a prior claim to the data.
Unfortunately, the third party could set his clock back, copy the data,
sign it, and have just as valid a signature as you -- but with an earlier
timestamp.  You need an independent service of some sort, regardless of
whether you use gpg or not.

% Is it possible to protect against
% (third party) plagiarism using gpg alone
% short of having to encrypt the data?


% Cheers.
% Aurelio.
% PS: Anyone know how this is usually done?
% Does one register the data with a lawyer
% or a copyright officer or what?

AIUI, in the US one can send your item through the US Mail and get a
postmark and that is sufficient to prove a timestamp.  Of course, opening
the enclosure to show the item inside and prove your case destroys the
utility of the postmark, so you might send four or five copies in case
you have to open one or two.

Also AIUI, if you claim the copyright on an item, it's yours (barring
any other conflicts or complications, of course); you do not have to
register the item anywhere.  That gets back, however, to establishing
the earlier claim.

I vaguely recall mention of an escrow service on the 'net some time ago;
one would email one's document to them and they would keep the copy with
their timestamp and record of identification, so that when asked to prove an
origination date one could point to them and use their stamping.  You might
try a search for copyright, escrow, holding, plagiarism, and the like.


David T-G                      * It's easier to fight for one's principles
(play) * than to live up to them. -- fortune cookie
(work)    Shpx gur Pbzzhavpngvbaf Qrprapl Npg!

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.7 (GNU/Linux)