Signature semantics

vedaal at vedaal at
Tue Nov 4 19:18:23 CET 2008

David Shaw dshaw at
wrote on Tue Nov 4 17:58:49 CET 2008 :

> It is not the place of GPG to modify the plaintext.


>GPG should just provide necessary primitives to solve this, 
>and it does:

>gpg --sig-notation 
>"whatever at encrypted this to Baker!" 
>--sign --encrypt  blah.txt

>The notation will be hashed into the signature and cannot be 
>without invalidating the signature.

works nicely,
but needs a user to be reminded to do it ;-)

how about a friendly gnupg reminder prompt:

gpg: you have chosen to sign with 'u' and encrypt to 'r'
gpg: would you like to add a sig-notation "encrypted-to-keyname-r" 

>All that said, doing this isn't a cure-all.  Alice (the signer 
>may not want her intended target to be public.

then, in that case, 
(where Alice chooses 'n' to the above well-meaning prompt)
how about this as a feature;

when gnupg decrypts and verifies,
if there is a delay of more than 1 minute between signing and 
then gnupg gives the following 'alert':

gpg: message is signed and encrypted
gpg: signature made at time x, encryption made at time y
gpg: duration between signing and encrypting: time z
gpg: please verify with sender, also check time of e-mail sending

now, even if the attacker goes through the trouble of altering his 
computer time-clock to the time of the signature and then encrypts,
there will still be an unmistakable 'suspicious' delay in the e-
mail sending 


any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link

Click here to find your roomate.  Search 1000's of available roomates.

More information about the Gnupg-users mailing list