Problem with faked-system-time option
mailinglisten at hauke-laging.de
Wed Jun 15 23:58:31 CEST 2011
Am Mittwoch, 15. Juni 2011, 23:19:33 schrieb David Shaw:
> Or more specifically, what should GnuPG do
> differently for a timestamp-only signature compared to a regular
It should at least change the message from
"Good signature from ..."
"Good timestamp-only signature from..."
in order to help the user avoid a misunderstanding. It is good if you can show
that you acted correctly (used this notation) and someone has misunderstood
what you did. It is better to prevent the other one from misunderstanding it
> I'm not against the user deciding to mark the notation as critical if he
> chooses to do so. I just wouldn't have it automatically and always
I support that. A non-critical timestamp signature is technically usable on
"all" systems, a critical one would be usable on few only. That's IMHO a much
bigger problem then the non-recognition of the feature. After all the correct
understanding of a signature is up to the recipient anyway (impossible without
the signature policy). This notation allows you to skip checking the policy.
I would like "popular" notations to be mentioned in the GnuPG documentation. I
guess that will not take much space. :-) Or at least a document describing
those should be given.
You also might consider introducing --timestamp-only (easy to remember) or
similar as an alias for --sig-notation timestamp-only at gnupg.org=default.
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 555 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users