Problem with faked-system-time option
expires2011 at ymail.com
Thu Jun 16 02:19:39 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Wednesday 15 June 2011 at 10:38:00 PM, in
<mid:49d3d13e0743dca7849ce69ead91eb6c at localhost>, Robert J. Hansen
> As soon as you're able to prove to a court that a
> timestamping service's clock is fair and honest, sure.
> But if you're able to prove that a timestamping
> service's clock is fair and honest, then the original
> signer could use the same process to prove *his*
> timestamp is fair and honest
It depends on the proof. If it involved referring the court to
hashed/signed information regularly published by the timestamping
service, such as to newsgroups or in newspapers, the original signer
may not have similar to rely upon.
> -- and thereby remove the
> need for a timestamping service in the first place.
The parties themselves could nest signatures on a document: A signs, B
signs the signed document, A signs again, B signs again. Each party
has a signature that is constrained to have been applied between two
signatures of the other party. Would that not remove the need for a
> Your argument leads to a paradox. If a timestamping
> service's clock can be proven to be fair and honest,
> then there is no need for timestamping services.
Proving a timestamping service's clock to be fair and honest would not
remove my ability to alter my system clock or to use software to pass
a different time to GnuPG.
> Timestamp authorities are *trusted* to be fair and
> honest -- but that's not the same thing as *proven* to
> be, and nothing in the world is easier to revoke than
Even those that publish records/hashes are not really *proving* their
MFPA mailto:expires2011 at ymail.com
Time flies like an arrow. Fruit flies like a banana. -- Groucho Marx
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users