Problem with faked-system-time option

Hauke Laging mailinglisten at
Wed Jun 15 02:59:21 CEST 2011

Am Mittwoch, 15. Juni 2011, 01:35:45 schrieb Jerome Baum:

> > An idea: I suggest a standardized signature notation like "timestamp". It
> > would indicate that you don't make any statement about the signed content
> > (which even may be encrypted, even against you) but just confirm the time
> > of existence. That would solve (or reduced) the recently mentioned
> > problem "You don't know what you sign".
> Why modify the standard?

Because signature notations are supposed to be standardized. There aren't any 
yet though. Nobody suffers from defining a string to mark timestamp-only 
signatures. That is easily parsable both for software and for humans. 
Timestamps are an important application. I don't think that there is any equal 

Furthermore this might make signature notations more popular. IMHO they are a 
very useful nonetheless nearly unused feature.

To repeat myself again: I also hope that in a not so far future there will be 
signature notations which can give detailed (and parsable) information about 
the signature policy.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110615/a6499e02/attachment-0001.pgp>

More information about the Gnupg-users mailing list