timestamp notation @gnupg.org
Werner Koch
wk at gnupg.org
Thu Jun 16 14:56:32 CEST 2011
On Thu, 16 Jun 2011 13:21, mailinglisten at hauke-laging.de said:
> OK but GnuPG is an infrastructure tool and not so much about personal
> preferences, isn't it? ;-) So the relevant questions should be:
I believe it is. However, I maintain GnuPG as a pro-bono service for
more than a decade now and thus it matters whether I have a personal
interest in a feature.
> This notation is a more compatible alternative to the signature type 0x40. So
> its explanation could be used:
>
> "Timestamp signature. This signature is only meaningful for the timestamp
> contained in it."
That is a bit too terse. What is a timestamp how is it formatted in the
message and what does such a signature actually mean.
Oh, I see: We are back to that long thread and to the reason why the
rfc1991 defined timestamp signature class has nevver been used in
reality.
> I would add for clarity: "The signer makes no statement about the signed data
> (including that he has read it or at least could read it at all) except that
> it existed at the time given in the signature timestamp."
Well, so write that into the signed data or the signature meta data and
you are done. We have a policy flag for that.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list