Problem with faked-system-time option

Hauke Laging mailinglisten at hauke-laging.de
Wed Jun 15 00:34:48 CEST 2011 

Am Dienstag, 14. Juni 2011, 21:25:06 schrieb MFPA:
> Hi
> 
> 
> On Tuesday 14 June 2011 at 12:33:08 AM, in
> <mid:201106140133.09131.mailinglisten at hauke-laging.de>, Hauke Laging
> 
> wrote:
> > You should tell apart who has to prove something. Your
> > argument is valid if the signer has to prove that he
> > has made the signature at (or before or after) a
> > certain date and time. His own signature is no proof in
> > that case as he can easily fake the timestamp.
> > 
> > If a third party has to prove that and when the signer
> > has signed a document then the signature timestamp is
> > perfectly OK.
> 
> Suppose the party who originated the document to be signed
> subsequently presents (possibly faked) evidence showing the document
> to have been prepared later than the signature timestamp. The signer
> is now unexpectedly in the position of having to prove something.

First: That is no contradiction to what I have said. Have a look at the 
offline world: You never(?) sign anything in order to be able to prove that 
you have done or have to do something. You sign in order for others to be able 
tp prove that you have done or have to do something.

Second: I really doubt that your case is a practical problem. As I said: The 
other one's interest is usually to be able to prove that you have signed and 
not that you haven't.

A treaty is signed by both parties. So if you have not been fooled into a 
faked signature by the other party then you have a signature with a timestamp 
close to yours.

And even if you were "accused" of having signed with a faked system time: So 
what? This accusation is very dangerous, BTW. Everyone can easily get 
trustworthy timestamps for his documents or signatures. So you present a 
"proof" that the other one has manipulated and he has a better proof that your 
"proof" is fake? Faking such a proof is probably much worse than faking a 
timestamp for a normal signature.

An idea: I suggest a standardized signature notation like "timestamp". It 
would indicate that you don't make any statement about the signed content 
(which even may be encrypted, even against you) but just confirm the time of 
existence. That would solve (or reduced) the recently mentioned problem "You 
don't know what you sign".


The real problem is IMHO that keys can be revoked (without any bad intention). 
If you don't have a third party timestamp or something similar to prove that 
the signature has been made before the key was revoked then the signature is 
nearly worthless.

That's why I think it would be a good idea to add a signature to all signed 
incoming emails. Then at least you know that those signatures can be trusted. 
Better would be a third party confirmation. The ISPs could do that. Store the 
hash of each delivered email and send you a signed hash list from time to 
time.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110615/63668864/attachment.pgp>

More information about the Gnupg-users mailing list