Subject: Re: recover private key

Robert J. Hansen rjh at
Wed Jan 14 04:34:36 CET 2009

Avi wrote:
> Yes, Robert, that is possible. However, IIRC, signatures come with a
> time stamp.

The OpenPGP time stamp is not a trusted timestamp and should not be
relied upon for any trusted purpose.

> In the case I am envisioning, the quotER is taking it from
> somwhere, and the quotEE can show the prior, complete post.

Assuming you still have a copy of the message, yes.  But in the case
you're talking about, what does the signature buy you?  "Yes, I did
write that, but in the full context (available at this link...) you see
I meant something quite different."  That's as effective with a
signature as without.  So I don't see how this is an example of the
utility of a signature.

> Yes, this does not prevent someone from pre-creating two different
> messages, but someone resorting to that level of duplicity is both
> uncommon and will likely have other prevaricatory methods as well.

There's no pre-creation necessary in the scenario I outlined.  Maybe I
just know an uncommon class of scoundrels, but that level of
skullduggery is fairly tame in my experience.

More information about the Gnupg-users mailing list