Problem with faked-system-time option

Robert J. Hansen rjh at
Wed Jun 15 23:32:55 CEST 2011

On Wed, 15 Jun 2011 22:16:39 +0100, MFPA <expires2011 at> wrote:
> The "problem" is very simple: the timestamp contained in an OpenPGP
> signature cannot be relied upon as accurate without independent
> corroboration.

Corroboration is simply not possible.  A timestamp cannot be proven good
or bad.  You ultimately have to rely on someone's word: all you get to do
is choose whose word you will accept and why.

> An example of such corroboration is to use a
> timestamping service that is trusted by the relevant parties.

This isn't really "corroboration" so much as it is, "I choose to trust
someone else."

> You asserted that the signer's own signature timestamp was sufficient
> when a third party needs to prove when the document was signed.

And it is, assuming the third party trusts the signer.  If the third party
doesn't trust the signer, then we've left the realm of problems OpenPGP can
solve and we're into the realm of problems legal systems exist to solve. 
("I don't trust your timestamp!  You didn't use my preferred timestamping
service!  I'm not going to honor this agreement!"  "Fine, bucko: see you in

> I replied with the bare bones of a scenario where the third party 
> brings evidence that suggests the signature timestamp to be 
> incorrect, so that the signer needs to refute that evidence.

Quite probably the signer *shouldn't* refute that.  Refuting claims
doesn't convince anyone of anything except a particular claim is not
supported by facts -- it doesn't prove the claim is actually wrong.  "Okay,
so you've convinced me not to trust this evidence saying the timestamp is
incorrect: but you haven't done anything to persuade me the timestamp is
correct, which is actually the important thing."

(This is also why, e.g., it makes no sense to argue with a conspiracy
theorist: with a lot of effort you can prove the conspiracy theory to be
*unsupported*, but you can't actually prove it *wrong*.)

> As an example, if an independent timestamping service can be
> shown to be sufficiently reliable, it could provide the proof
> regardless of which party has an interest in using that proof.

It can't provide proof.  It can't even provide evidence.  It can only
provide a data point which both parties stipulate as being uncontested --
and nothing is easier to reverse than a stipulation.  ("Well, sure, I
trusted Honest Al's Timestamping Service... up until I saw they signed
THAT.  I repudiate this timestamp!  I don't trust Honest Al's Timestamping
Service any more!")

More information about the Gnupg-users mailing list