Problem with faked-system-time option
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jun 15 17:07:22 CEST 2011
On 06/15/2011 04:56 AM, Hauke Laging wrote:
> Am Mittwoch, 15. Juni 2011, 03:16:16 schrieb Jerome Baum:
>> We just need to agree on
>> a name, maybe Werner can confirm we are free to use
>> "timestamp-only at gnupg.org"? What would the value mean?
> Shall I repeat the proposal, or is that a question to Werner? :-)
> "The signer makes no statement about the content of the signed data (may not
> even have been able to read it) but only confirms its existance at the time of
> the given timestamp."
I think it is a mistake to make this particular notation, when signature
type 0x40 already exists:
0x40: Timestamp signature.
This signature is only meaningful for the timestamp contained in
I'm happy with the proposal to start using notations more, and creating
a culture of publishing well-defined semantics around them; i just don't
think this particular goal is well-served by notations, since it is
already in the core protocol specification.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1030 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users