Problem with faked-system-time option

MFPA expires2011 at ymail.com
Tue Jun 14 00:00:00 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Monday 13 June 2011 at 9:19:18 PM, in
<mid:BANLkTi=3fdPTvRkpCd0GZHASVizNLnq48w at mail.gmail.com>, Jerome Baum
wrote:


> Yes, and it is trivial to write a fake date next to my
> signature. That doesn't mean there are no legal
> implications. In fact, just as I can commit fraud
> (under the right circumstances) by writing that fake
> date on a piece of paper, I can commit fraud by using a
> fake time-stamp in an OpenPGP signature.

Commit fraud, or make a trivial error...


> Let's summarize: The signature time has potential legal
> implications.

Fair enough. But, as you illustrate above, it is trivial for a
signature date/time to be incorrect. Therefore it is potentially
unsafe to rely on them as being correct.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

Nothing a Pan-Galactic Gargle Blaster won't cure!
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJN9ohpnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p/4ID/iUX
UbC2QZLJwcBsOOcGgNrrjhaR4tFPG0/RbKepbSP2kDi8XNH+zOAGgyrEqs8+iDBA
ONgfhuMnJHGpj9t8R/cT9qO6ljesATM/JcVs8aUAC4ARHUis3OXI+LllVSFCo2Pg
gVbriV8IpIXP7+naqa7L08/GWZ7qhd+4ydk7Bv6v
=Cp0G
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list