Series of minor questions about OpenPGP 2
Peter Thomas
p4.thomas at googlemail.com
Tue Jan 27 00:20:35 CET 2009
Hi David.
btw: Thanks for your excellent answers. Great to have one of the RFC
authors here :-)
On Mon, Jan 26, 2009 at 11:28 PM, David Shaw <dshaw at jabberwocky.com> wrote:
> It's a "token", that can be given from one person to another. The
> token contains only what is stated inside the signature itself. Let's
> say I put some useful information inside a notation packet, or perhaps
> it contains identity inside a keyID packet, etc. Think of it as a
> physical token and some uses come to mind.
Ah,.. I see.
> GPG doesn't support it. Neither does any other OpenPGP program that I
> know of.
What a pity :-(
> It's used for designated revocation signatures. There is no reason
> why it *couldn't* be used for key expiration or key flags, but 0x13
> works just as well for this. OpenPGP supports both 0x1F and 0x13
> (0x10, 0x11, 0x12), and historically people used 0x13, so there was
> never a real reason to change.
Ok,.. I'll come back to this later when I ask some stuff about
signature subpackets.
Would gnupg understand these subpackets in a 0x1F signature?
> It's a Notary signature. For example: Alice writes a document. She
> later wants to be able to prove when it was written. Obviously we
> can't trust Alice's signature to prove that since she can set her
> clock to whatever she likes. We can, however, trust the notary (or
> many notaries). Alice signs the document, and then brings the
> signature to the Notary. The Notary verifies that the signature is
> sane (i.e. the date is current) and then signs the signature (with an
> 0x50). Alice gets her proof, and significantly does not have to show
> the Notary her original document.
Ah,.. now I understand :-) So it's somehow comparable to the timestamp
signatures, isn't it?