Problem with faked-system-time option

[David Shaw]

On Jun 16, 2011, at 1:32 AM, Jerome Baum wrote:

>>> So, how do you sign
>>> (i.e. timestamp) data that isn't already signed by someone else?
>> 
>> You use a regular old 0x00 signature.  0x50 gives you capabilities that 0x00 doesn't.  That doesn't mean 0x50 takes over all purposes of an 0x00.  0x00+notation or 0x50+notation covers either set of semantics.
> 
> I understood your suggestion as 0x50, not 0x50+n. 0x50+n, where n is
> "timestamp-only", seems redundant.
> 
> 0x50 doesn't give additional capabilities. You can sign a signature
> packet with 0x00 as well. 0x50 is more restricted than 0x00, not more
> flexible.

I can make a key signature 0x10 with 0x00 as well (heck, I can make a 0x01 signature using 0x00 as well).  It doesn't make it a smart thing to do since GPG can't automatically canonicalize the data.

The point of 0x50 is that *GPG understands it's a sig-on-a-sig* and can treat it differently, using signature canonicalization (otherwise, why would we have created 0x50 in the first place?)  Thus 0x50+notation means we can make timestamp signatures over other signatures.  That's a good thing.  It means the proposed notation can be used in multiple places.

> In any case, let's just use a notation and concentrate on that. The
> 0x50, clarity/confusion, notation, 0x40, etc. discussion is wasteful
> and not really fun.

You still don't understand.  You are proposing a new feature for OpenPGP, so it needs to consider the various interactions this new "timestamp-only" flag has with different signature types.  These are the sorts of comments and questions that need to be looked at when adding a new feature to the standard.  This is not adversarial!   The goal is to have the best possible design that considers how this new thing fits in to the OpenPGP standard as a whole and that there aren't any gotchas or "Ugh, I wish we would have done xxxx" later.

David